Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-2f4j-64mc-h8m2

Опубликовано: 14 мая 2022
Источник: github
Github: Не прошло ревью
CVSS3: 8.8

Описание

The Developer Tools feature suffers from a XUL injection vulnerability due to improper sanitization of the web page source code. In the worst case, this could allow arbitrary code execution when opening a malicious page with the style editor tool. This vulnerability affects Firefox ESR < 52.3 and Firefox < 55.

The Developer Tools feature suffers from a XUL injection vulnerability due to improper sanitization of the web page source code. In the worst case, this could allow arbitrary code execution when opening a malicious page with the style editor tool. This vulnerability affects Firefox ESR < 52.3 and Firefox < 55.

EPSS

Процентиль: 86%
0.0292
Низкий

8.8 High

CVSS3

Дефекты

CWE-94

Связанные уязвимости

CVSS3: 8.8
ubuntu
около 7 лет назад

The Developer Tools feature suffers from a XUL injection vulnerability due to improper sanitization of the web page source code. In the worst case, this could allow arbitrary code execution when opening a malicious page with the style editor tool. This vulnerability affects Firefox ESR < 52.3 and Firefox < 55.

CVSS3: 8.8
redhat
почти 8 лет назад

The Developer Tools feature suffers from a XUL injection vulnerability due to improper sanitization of the web page source code. In the worst case, this could allow arbitrary code execution when opening a malicious page with the style editor tool. This vulnerability affects Firefox ESR < 52.3 and Firefox < 55.

CVSS3: 8.8
nvd
около 7 лет назад

The Developer Tools feature suffers from a XUL injection vulnerability due to improper sanitization of the web page source code. In the worst case, this could allow arbitrary code execution when opening a malicious page with the style editor tool. This vulnerability affects Firefox ESR < 52.3 and Firefox < 55.

CVSS3: 8.8
debian
около 7 лет назад

The Developer Tools feature suffers from a XUL injection vulnerability ...

CVSS3: 7.5
fstec
около 8 лет назад

Уязвимость компонента Developer Tools браузера Mozilla Firefox ESR, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 86%
0.0292
Низкий

8.8 High

CVSS3

Дефекты

CWE-94