Описание
A rogue webpage could override the injected WKUserScript used by the download feature, this exploit could result in the user downloading an unintended file. This vulnerability affects Firefox for iOS < 28.
Ссылки
- Issue TrackingPermissions RequiredVendor Advisory
- Vendor Advisory
- Issue TrackingPermissions RequiredVendor Advisory
- Vendor Advisory
Уязвимые конфигурации
EPSS
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
Связанные уязвимости
A rogue webpage could override the injected WKUserScript used by the download feature, this exploit could result in the user downloading an unintended file. This vulnerability affects Firefox for iOS < 28.
A rogue webpage could override the injected WKUserScript used by the d ...
A rogue webpage could override the injected WKUserScript used by the download feature, this exploit could result in the user downloading an unintended file. This vulnerability affects Firefox for iOS < 28.
Уязвимость скрипта WKUserScript функции загрузки браузера Mozilla Firefox для iOS, позволяющая нарушителю загрузить произвольный файл
EPSS
6.5 Medium
CVSS3
4.3 Medium
CVSS2