CVE-2020-12394

Summary

A logic flaw in our location bar implementation could have allowed a local attacker to spoof the current location by selecting a different origin and removing focus from the input element. This vulnerability affects Firefox < 76.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefoxunspecified < 76affected

Weaknesses

  • URL spoofing in location bar when unfocussed

ADP Enrichment

CVE Program Container

Additional References

References