Количество 7
Количество 7
CVE-2016-2817
The WebExtension sandbox feature in browser/components/extensions/ext-tabs.js in Mozilla Firefox before 46.0 does not properly restrict principal inheritance during chrome.tabs.create and chrome.tabs.update API calls, which allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted extension that accesses a (1) javascript: or (2) data: URL.
CVE-2016-2817
The WebExtension sandbox feature in browser/components/extensions/ext-tabs.js in Mozilla Firefox before 46.0 does not properly restrict principal inheritance during chrome.tabs.create and chrome.tabs.update API calls, which allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted extension that accesses a (1) javascript: or (2) data: URL.
CVE-2016-2817
The WebExtension sandbox feature in browser/components/extensions/ext-tabs.js in Mozilla Firefox before 46.0 does not properly restrict principal inheritance during chrome.tabs.create and chrome.tabs.update API calls, which allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted extension that accesses a (1) javascript: or (2) data: URL.
CVE-2016-2817
The WebExtension sandbox feature in browser/components/extensions/ext- ...
GHSA-px89-65ch-24x4
The WebExtension sandbox feature in browser/components/extensions/ext-tabs.js in Mozilla Firefox before 46.0 does not properly restrict principal inheritance during chrome.tabs.create and chrome.tabs.update API calls, which allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted extension that accesses a (1) javascript: or (2) data: URL.
BDU:2016-01148
Уязвимость браузера Firefox, позволяющая нарушителю проводить UXSS-атаки
openSUSE-SU-2016:1211-1
Security update update for MozillaFirefox, mozilla-nss
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2016-2817 The WebExtension sandbox feature in browser/components/extensions/ext-tabs.js in Mozilla Firefox before 46.0 does not properly restrict principal inheritance during chrome.tabs.create and chrome.tabs.update API calls, which allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted extension that accesses a (1) javascript: or (2) data: URL. | CVSS3: 5.4 | 0% Низкий | почти 10 лет назад |
 | CVE-2016-2817 The WebExtension sandbox feature in browser/components/extensions/ext-tabs.js in Mozilla Firefox before 46.0 does not properly restrict principal inheritance during chrome.tabs.create and chrome.tabs.update API calls, which allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted extension that accesses a (1) javascript: or (2) data: URL. | CVSS2: 4.3 | 0% Низкий | почти 10 лет назад |
 | CVE-2016-2817 The WebExtension sandbox feature in browser/components/extensions/ext-tabs.js in Mozilla Firefox before 46.0 does not properly restrict principal inheritance during chrome.tabs.create and chrome.tabs.update API calls, which allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted extension that accesses a (1) javascript: or (2) data: URL. | CVSS3: 5.4 | 0% Низкий | почти 10 лет назад |
| CVE-2016-2817 The WebExtension sandbox feature in browser/components/extensions/ext- ... | CVSS3: 5.4 | 0% Низкий | почти 10 лет назад |
| GHSA-px89-65ch-24x4 The WebExtension sandbox feature in browser/components/extensions/ext-tabs.js in Mozilla Firefox before 46.0 does not properly restrict principal inheritance during chrome.tabs.create and chrome.tabs.update API calls, which allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted extension that accesses a (1) javascript: or (2) data: URL. | CVSS3: 5.4 | 0% Низкий | больше 3 лет назад |
 | BDU:2016-01148 Уязвимость браузера Firefox, позволяющая нарушителю проводить UXSS-атаки | CVSS2: 4.3 | 0% Низкий | почти 10 лет назад |
 | openSUSE-SU-2016:1211-1 Security update update for MozillaFirefox, mozilla-nss | почти 10 лет назад |
Уязвимостей на страницу