CVE-2017-7762

Sažetak

When entered directly, Reader Mode did not strip the username and password section of URLs displayed in the addressbar. This can be used for spoofing the domain of the current page. This vulnerability affects Firefox < 54.

Reference

http://www.securityfocus.com/bid/99047
http://www.securitytracker.com/id/1038689
https://access.redhat.com/errata/RHSA-2018:2112
https://access.redhat.com/errata/RHSA-2018:2113
https://bugzilla.mozilla.org/show_bug.cgi?id=1358248
https://www.mozilla.org/security/advisories/mfsa2017-15/

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

30-07-2018 - 15:23

Objavljeno

11-06-2018 - 21:29