CVE-2018-5169

Summary

If manipulated hyperlinked text with "chrome:" URL contained in it is dragged and dropped on the "home" icon, the home page can be reset to include a normally-unlinkable chrome page as one of the home page tabs. This vulnerability affects Firefox < 60.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefoxunspecified < 60affected

Weaknesses

  • Dragging and dropping link text onto home button can set home page to include chrome pages

ADP Enrichment

CVE Program Container

Additional References

References