virus logo FortiClient Vulnerability

Mozilla Firefox CVE-2016-2816 Privilege Escalation Vulnerability

description-logoDescription

Security researcher Muneaki Nishimura (nishimunea) of Recruit Technologies Co., Ltd. reported that Content Security Policy (CSP) is not applied correctly to web content sent with the multipart/x-mixed-replace MIME type. This allows for script to run in instances where CSP should block it, leading to a failure to prevent potential cross-site scripting (XSS) and other attacks against the web page.

affected-products-logoAffected Applications

Firefox

CVE References

CVE-2016-2816

Other References

https://www.mozilla.org/en-US/security/advisories/mfsa2016-45
ID 25900
Created Jul 11, 2018
Description
Updated		 Dec 19, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Windows
Vendor Mozilla
Patch auto
Application Firefox