CVE-2018-5134

Summary

WebExtensions may use "view-source:" URLs to view local "file:" URL content, as well as content stored in "about:cache", bypassing restrictions that only allow WebExtensions to view specific content. This vulnerability affects Firefox < 59.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefoxunspecified < 59affected

Weaknesses

  • WebExtensions may use view-source: URLs to bypass content restrictions

ADP Enrichment

CVE Program Container

Additional References

References