Описание
A rogue webpage could override the injected WKUserScript used by the logins autofill, this exploit could result in leaking a password for the current domain. This vulnerability affects Firefox for iOS < 28.
Ссылки
- Issue TrackingPermissions RequiredVendor Advisory
- Vendor Advisory
- Issue TrackingPermissions RequiredVendor Advisory
- Vendor Advisory
Уязвимые конфигурации
EPSS
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
Связанные уязвимости
A rogue webpage could override the injected WKUserScript used by the logins autofill, this exploit could result in leaking a password for the current domain. This vulnerability affects Firefox for iOS < 28.
A rogue webpage could override the injected WKUserScript used by the l ...
A rogue webpage could override the injected WKUserScript used by the logins autofill, this exploit could result in leaking a password for the current domain. This vulnerability affects Firefox for iOS < 28.
Уязвимость браузера Mozilla Firefox для iOS, связанная с недостаточной защитой регистрационных данных, позволяющая нарушителю получить доступ к паролям пользователей для текущего домена
EPSS
6.5 Medium
CVSS3
4.3 Medium
CVSS2