Lucene search
MozillaCVELIST:CVE-2016-2817HistoryApr 30, 2016 - 5:00 p.m.
CVE-2016-2817
2016-04-3017:00:00
mozilla
raw.githubusercontent.com
1
The WebExtension sandbox feature in browser/components/extensions/ext-tabs.js in Mozilla Firefox before 46.0 does not properly restrict principal inheritance during chrome.tabs.create and chrome.tabs.update API calls, which allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted extension that accesses a (1) javascript: or (2) data: URL.
Related
cve
cve
CVE-2016-2817
2016-04-30 17:59:00
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2016-46) - Linux
2021-11-08 00:00:00
Ubuntu: Security Advisory (USN-2936-3)
2016-05-19 00:00:00
Mozilla Firefox Security Advisories (MFSA2016-39, MFSA2016-48) - Mac OS X
2016-05-02 00:00:00
mozilla
mozilla
prion
prion
Design/Logic Flaw
2016-04-30 17:59:00
debiancve
debiancve
CVE-2016-2817
2016-04-30 17:59:00
ubuntucve
ubuntucve
CVE-2016-2817
2016-04-27 00:00:00
nessus
nessus
openSUSE Security Update : MozillaFirefox / mozilla-nss (openSUSE-2016-541)
2016-05-06 00:00:00
Ubuntu 12.04 LTS : oxygen-gtk3 update (USN-2936-2)
2016-05-03 00:00:00
Ubuntu 14.04 LTS / 16.04 LTS : Firefox regression (USN-2936-3)
2016-05-19 00:00:00
ubuntu
ubuntu
Firefox vulnerabilities
2016-04-27 00:00:00
Oxygen-GTK3 update
2016-05-02 00:00:00
Firefox regression
2016-05-19 00:00:00
suse
suse
Security update update for MozillaFirefox, mozilla-nss (important)
2016-05-04 15:08:32
archlinux
archlinux
firefox: multiple issues
2016-04-30 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2016-04-26 00:00:00
kaspersky
kaspersky
KLA10795 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
2016-04-26 00:00:00
gentoo
gentoo
Mozilla Firefox, Thunderbird: Multiple vulnerabilities
2017-01-03 00:00:00