Wind River Support Network

HomeDefectsLIN1022-3380
Fixed

LIN1022-3380 : Security Advisory - firefox - CVE-2023-25728

Created: Feb 16, 2023    Updated: Jul 27, 2025
Resolved Date: Jul 27, 2025
Found In Version: 10.22.33.1
Severity: Standard
Applicable for: Wind River Linux LTS 22
Component/s: Userspace

Description

The <code>Content-Security-Policy-Report-Only</code> header could allow an attacker to leak a child iframe's unredacted URI when interaction with that iframe triggers a redirect. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.

https://nvd.nist.gov/vuln/detail/CVE-2023-25728
  • Linkedin
  • Facebook
  • Twitter
  • Youtube