CVE-2017-5394

Summary

A location bar spoofing attack where the location bar of loaded page will be shown over the content of another tab due to a series of JavaScript events combined with fullscreen mode. Note: This issue only affects Firefox for Android. Other operating systems are not affected. This vulnerability affects Firefox < 51.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefoxunspecified < 51affected

Weaknesses

  • Android location bar spoofing using fullscreen and JavaScript events

ADP Enrichment

CVE Program Container

Additional References

References