Description
Action Pack is a framework for handling and responding to web requests. Since 6.1.0, the application configurable Permissions-Policy is only served on responses with an HTML related Content-Type. This vulnerability is fixed in 6.1.7.8, 7.0.8.2, and 7.1.3.3.
Remediation
References
Related Vulnerabilities
WordPress Plugin LOGOSWARE SUITE Uploader Arbitrary File Upload (1.1.6)
WebLogic CVE-2018-2625 Vulnerability (CVE-2018-2625)
WordPress Plugin Fitness Trainer-Training Membership Cross-Site Scripting (1.0.8)
MySQL CVE-2016-9842 Vulnerability (CVE-2016-9842)
WordPress Plugin Photo Gallery, Images, Slider in Rbs Image Gallery Cross-Site Scripting (3.2.12)