CVE-2015-0807 (retired)

Priority
Description
The navigator.sendBeacon implementation in Mozilla Firefox before 37.0,
Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 processes HTTP
30x status codes for redirects after a preflight request has occurred,
which allows remote attackers to bypass intended CORS access-control checks
and conduct cross-site request forgery (CSRF) attacks via a crafted web
site, a similar issue to CVE-2014-8638.
Assigned-to
chrisccoulson
Package
Upstream:released (37.0)
Ubuntu 14.04 LTS (Trusty Tahr):released (37.0+build2-0ubuntu0.14.04.1)
Package
Priority: Low
Upstream:released (31.6.0)
Ubuntu 14.04 LTS (Trusty Tahr):released (1:31.6.0+build1-0ubuntu0.14.04.1)
More Information

Updated: 2019-03-26 12:14:21 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)