CVE-2016-9076

Summary

An issue where a "<select>" dropdown menu can be used to cover location bar content, resulting in potential spoofing attacks. This attack requires e10s to be enabled in order to function. This vulnerability affects Firefox < 50.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefoxunspecified < 50affected

Weaknesses

  • select dropdown menu can be used for URL bar spoofing on e10s

ADP Enrichment

CVE Program Container

Additional References

References