Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-4g4m-5m32-4h55

Опубликовано: 13 мая 2022
Источник: github
Github: Не прошло ревью
CVSS3: 8.1

Описание

A mechanism that uses AppCache to hijack a URL in a domain using fallback by serving the files from a sub-path on the domain. This has been addressed by requiring fallback files be inside the manifest directory. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.

A mechanism that uses AppCache to hijack a URL in a domain using fallback by serving the files from a sub-path on the domain. This has been addressed by requiring fallback files be inside the manifest directory. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.

EPSS

Процентиль: 73%
0.0082
Низкий

8.1 High

CVSS3

Дефекты

CWE-20

Связанные уязвимости

CVSS3: 8.1
ubuntu
около 7 лет назад

A mechanism that uses AppCache to hijack a URL in a domain using fallback by serving the files from a sub-path on the domain. This has been addressed by requiring fallback files be inside the manifest directory. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.

CVSS3: 7.5
redhat
почти 8 лет назад

A mechanism that uses AppCache to hijack a URL in a domain using fallback by serving the files from a sub-path on the domain. This has been addressed by requiring fallback files be inside the manifest directory. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.

CVSS3: 8.1
nvd
около 7 лет назад

A mechanism that uses AppCache to hijack a URL in a domain using fallback by serving the files from a sub-path on the domain. This has been addressed by requiring fallback files be inside the manifest directory. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.

CVSS3: 8.1
debian
около 7 лет назад

A mechanism that uses AppCache to hijack a URL in a domain using fallb ...

CVSS3: 7.5
fstec
около 8 лет назад

Уязвимость механизма AppCache браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю осуществить подмену домена

EPSS

Процентиль: 73%
0.0082
Низкий

8.1 High

CVSS3

Дефекты

CWE-20