Hide Forgot
The Resource Timing API incorrectly revealed navigations in cross-origin iframes. This is a same-origin policy violation and could allow for data theft of URLs loaded by users. External Reference: https://www.mozilla.org/en-US/security/advisories/mfsa2017-25/#CVE-2017-7830
Acknowledgments: Name: the Mozilla project Upstream: Jun Kokatsu
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 Via RHSA-2017:3247 https://access.redhat.com/errata/RHSA-2017:3247
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 Via RHSA-2017:3372 https://access.redhat.com/errata/RHSA-2017:3372