External resources that should be blocked when loaded by SVG images can bypass security restrictions through the use of data: URLs. This could allow for cross-domain data leakage. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Debian_linux | Debian | 9.0 (including) | 9.0 (including) |