CVE-2017-7812

CVSS v3.0 5.3 (Medium)

CVSS v2.0 5 (Medium)

EPSS 0.18 % (56^th)

Affected Products 1

Advisories 3

If web content on a page is dragged onto portions of the browser UI, such as the tab bar, links can be opened that otherwise would not be allowed to open. This can allow malicious web content to open a locally stored file through "file:" URLs. This vulnerability affects Firefox < 56.

Weaknesses

CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CVE Status: PUBLISHED
CNA: Mozilla Corporation
Published Date: 2018-06-11 21:29:10
(6 years ago)
Updated Date: 2018-06-25 19:19:30
(6 years ago)

Affected Products

Mozilla

Firefox

Configuration #1

		CPE23	From	Up To
	Mozilla Firefox 55.0.3 and prior versions	cpe:2.3:a:mozilla:firefox		<= 55.0.3