CVE-2017-7798

Summary

The Developer Tools feature suffers from a XUL injection vulnerability due to improper sanitization of the web page source code. In the worst case, this could allow arbitrary code execution when opening a malicious page with the style editor tool. This vulnerability affects Firefox ESR < 52.3 and Firefox < 55.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefox ESRunspecified < 52.3affected
MozillaFirefoxunspecified < 55affected

Weaknesses

  • XUL injection in the style editor in devtools

ADP Enrichment

CVE Program Container

Additional References

References