exploitDog

GHSA-g23j-wvjf-2p27

Опубликовано: 01 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly escape HTML in file:// URLs in directory listings, which allows remote attackers to conduct cross-site scripting (XSS) attacks or have unspecified other impact via a crafted filename.

Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly escape HTML in file:// URLs in directory listings, which allows remote attackers to conduct cross-site scripting (XSS) attacks or have unspecified other impact via a crafted filename.

Ссылки

EPSS

Процентиль: 83%

0.02079

Низкий

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2008-2808

ubuntu

почти 17 лет назад

Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly escape HTML in file:// URLs in directory listings, which allows remote attackers to conduct cross-site scripting (XSS) attacks or have unspecified other impact via a crafted filename.

CVE-2008-2808

redhat

почти 17 лет назад

Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly escape HTML in file:// URLs in directory listings, which allows remote attackers to conduct cross-site scripting (XSS) attacks or have unspecified other impact via a crafted filename.

CVE-2008-2808

nvd

почти 17 лет назад

Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly escape HTML in file:// URLs in directory listings, which allows remote attackers to conduct cross-site scripting (XSS) attacks or have unspecified other impact via a crafted filename.

CVE-2008-2808

debian

почти 17 лет назад

Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not pro ...

ELSA-2008-0569

oracle-oval

почти 17 лет назад

ELSA-2008-0569: firefox security update (CRITICAL)

EPSS

Процентиль: 83%

0.02079

Низкий

CVE ID

Дефекты

CWE-79