CVE-2017-5420
N/A
N/A
Summary
A "javascript:" url loaded by a malicious page can obfuscate its location by blanking the URL displayed in the addressbar, allowing for an attacker to spoof an existing page without the malicious page's address being displayed correctly. This vulnerability affects Firefox < 52.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Mozilla | Firefox | unspecified < 52 | affected |
Weaknesses
- Javascript: URLs can obfuscate addressbar location
ADP Enrichment
CVE Program Container
Additional References
- https://www.mozilla.org/security/advisories/mfsa2017-05/
- http://www.securitytracker.com/id/1037966
- https://bugzilla.mozilla.org/show_bug.cgi?id=1284395
- http://www.securityfocus.com/bid/96692
References
- https://www.mozilla.org/security/advisories/mfsa2017-05/
- http://www.securitytracker.com/id/1037966
- https://bugzilla.mozilla.org/show_bug.cgi?id=1284395
- http://www.securityfocus.com/bid/96692
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.