Описание
Development Tools panels of an extension are required to load URLs for the panels as relative URLs from the extension manifest file but this requirement was not enforced in all instances. This could allow the development tools panel for the extension to load a URL that it should not be able to access, including potentially privileged pages. This vulnerability affects Firefox < 58.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | released | 58.0+build6-0ubuntu0.17.10.1 |
| bionic | released | 59.0.1+build1-0ubuntu1 |
| devel | released | 59.0.1+build1-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [58.0+build6-0ubuntu0.14.04.1]] |
| precise/esm | DNE | |
| trusty | released | 58.0+build6-0ubuntu0.14.04.1 |
| trusty/esm | DNE | trusty was released [58.0+build6-0ubuntu0.14.04.1] |
| upstream | released | 58.0 |
| xenial | released | 58.0+build6-0ubuntu0.16.04.1 |
Показывать по
EPSS
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
Development Tools panels of an extension are required to load URLs for the panels as relative URLs from the extension manifest file but this requirement was not enforced in all instances. This could allow the development tools panel for the extension to load a URL that it should not be able to access, including potentially privileged pages. This vulnerability affects Firefox < 58.
Development Tools panels of an extension are required to load URLs for ...
Development Tools panels of an extension are required to load URLs for the panels as relative URLs from the extension manifest file but this requirement was not enforced in all instances. This could allow the development tools panel for the extension to load a URL that it should not be able to access, including potentially privileged pages. This vulnerability affects Firefox < 58.
Уязвимость панели инструментов браузера Mozilla Firefox, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
EPSS
5 Medium
CVSS2
7.5 High
CVSS3