CVE-2017-7837

Summary

SVG loaded through "<img>" tags can use "<meta>" tags within the SVG data to set cookies for that page. This vulnerability affects Firefox < 57.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefoxunspecified < 57affected

Weaknesses

  • SVG loaded as <img> can use meta tags to set cookies

ADP Enrichment

CVE Program Container

Additional References

References