CVE-2017-5393

2018-06-11T21:29:00
ID CVE-2017-5393
Type cve
Reporter cve@mitre.org
Modified 2018-08-07T17:30:00

Description

The "mozAddonManager" allows for the installation of extensions from the CDN for addons.mozilla.org, a publicly accessible site. This could allow malicious extensions to install additional extensions from the CDN in combination with an XSS attack on Mozilla AMO sites. This vulnerability affects Firefox < 51.