CVE-2018-18497

Summary

Limitations on the URIs allowed to WebExtensions by the browser.windows.create API can be bypassed when a pipe in the URL field is used within the extension to load multiple pages as a single argument. This could allow a malicious WebExtension to open privileged about: or file: locations. This vulnerability affects Firefox < 64.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefoxunspecified < 64affected

Weaknesses

  • WebExtensions can load arbitrary URLs through pipe separators

ADP Enrichment

CVE Program Container

Additional References

References