VYPR
Medium severity5.3NVD Advisory· Published Jun 11, 2018· Updated Jun 17, 2026

CVE-2017-7808

CVE-2017-7808

Description

A content security policy (CSP) "frame-ancestors" directive containing origins with paths allows for comparisons against those paths instead of the origin. This results in a cross-origin information leak of this path information. This vulnerability affects Firefox < 55.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.