Referrer Policy Bypass in Multipart Channels

Referrer Policy Bypass in Multipart Channels

CVE-2017-5385 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Data sent with in multipart channels, such as the multipart/x-mixed-replace MIME type, will ignore the referrer-policy response header, leading to potential information disclosure for sites using this header. This vulnerability affects Firefox < 51.

Learn more about our Web Application Penetration Testing UK.