CVE-2017-5385

Summary

Data sent with in multipart channels, such as the multipart/x-mixed-replace MIME type, will ignore the referrer-policy response header, leading to potential information disclosure for sites using this header. This vulnerability affects Firefox < 51.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefoxunspecified < 51affected

Weaknesses

  • Data sent in multipart channels ignores referrer-policy response headers

ADP Enrichment

CVE Program Container

Additional References

References