CVE-2017-7762
N/A
N/A
Summary
When entered directly, Reader Mode did not strip the username and password section of URLs displayed in the addressbar. This can be used for spoofing the domain of the current page. This vulnerability affects Firefox < 54.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Mozilla | Firefox | unspecified < 54 | affected |
Weaknesses
- Addressbar spoofing in Reader mode
ADP Enrichment
CVE Program Container
Additional References
- https://access.redhat.com/errata/RHSA-2018:2112
- https://www.mozilla.org/security/advisories/mfsa2017-15/
- http://www.securitytracker.com/id/1038689
- https://access.redhat.com/errata/RHSA-2018:2113
- https://bugzilla.mozilla.org/show_bug.cgi?id=1358248
- http://www.securityfocus.com/bid/99047
References
- https://access.redhat.com/errata/RHSA-2018:2112
- https://www.mozilla.org/security/advisories/mfsa2017-15/
- http://www.securitytracker.com/id/1038689
- https://access.redhat.com/errata/RHSA-2018:2113
- https://bugzilla.mozilla.org/show_bug.cgi?id=1358248
- http://www.securityfocus.com/bid/99047
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.