CVE-2017-5458
CVSS v3.0
6.1 (Medium)
CVSS v2.0
4.3 (Medium)
EPSS
0.14 % (51th)
Affected Products
1
Advisories
4
When a "javascript:" URL is drag and dropped by a user into the addressbar, the URL will be processed and executed. This allows for users to be socially engineered to execute an XSS attack on themselves. This vulnerability affects Firefox < 53.
Weaknesses
- CWE-79
- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
- CVE Status
- PUBLISHED
- CNA
- Mozilla Corporation
- Published Date
-
2018-06-11 21:29:06
(6 years ago) - Updated Date
-
2018-08-07 12:20:05
(6 years ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...