Описание
Mozilla Firefox before 42.0 on Android improperly restricts URL strings in intents, which allows attackers to conduct cross-site scripting (XSS) attacks via vectors involving an intent: URL and fallback navigation, aka "Universal XSS (UXSS)."
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected] |
| precise | not-affected | |
| trusty | not-affected | |
| trusty/esm | DNE | trusty was not-affected |
| upstream | released | 42.0 |
| vivid | not-affected | |
| wily | not-affected |
Показывать по
4.3 Medium
CVSS2
Связанные уязвимости
Mozilla Firefox before 42.0 on Android improperly restricts URL strings in intents, which allows attackers to conduct cross-site scripting (XSS) attacks via vectors involving an intent: URL and fallback navigation, aka "Universal XSS (UXSS)."
Mozilla Firefox before 42.0 on Android improperly restricts URL string ...
Mozilla Firefox before 42.0 on Android improperly restricts URL strings in intents, which allows attackers to conduct cross-site scripting (XSS) attacks via vectors involving an intent: URL and fallback navigation, aka "Universal XSS (UXSS)."
Уязвимость браузера Firefox, позволяющая нарушителю выполнить межсайтовое выполнение сценариев
Security update for MozillaFirefox, mozilla-nspr, mozilla-nss, xulrunner, seamonkey
4.3 Medium
CVSS2