Vulnerability CVE-2017-7816: Information
Description
WebExtensions could use popups and panels in the extension UI to load an "about:" privileged URL, violating security checks that disallow this behavior. This vulnerability affects Firefox < 56.
Severity: MEDIUM (5.3) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Fixed packages
References to Advisories, Solutions, and Tools
Hyperlink | Resource |
---|---|
https://www.mozilla.org/security/advisories/mfsa2017-21/ |
|
https://bugzilla.mozilla.org/show_bug.cgi?id=1380597 |
|
1039465 |
|
101057 |
|