CVE-2017-5450

Summary

A mechanism to spoof the Firefox for Android addressbar using a "javascript:" URI. On Firefox for Android, the base domain is parsed incorrectly, making the resulting location less visibly a spoofed site and showing an incorrect domain in appended notifications. This vulnerability affects Firefox < 53.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefoxunspecified < 53affected

Weaknesses

  • Addressbar spoofing using javascript: URI on Firefox for Android

ADP Enrichment

CVE Program Container

Additional References

References