Lucene search
MozillaCVELIST:CVE-2018-5143HistoryJun 11, 2018 - 9:00 p.m.
CVE-2018-5143
2018-06-1121:00:00
mozilla
www.cve.org
1
URLs using “javascript:” have the protocol removed when pasted into the addressbar to protect users from cross-site scripting (XSS) attacks, but if a tab character is embedded in the “javascript:” URL the protocol is not removed and the script will execute. This could allow users to be socially engineered to run an XSS attack against themselves. This vulnerability affects Firefox < 59.
CNA Affected
[
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "59",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
cve
cve
CVE-2018-5143
2018-06-11 21:29:14
ubuntucve
ubuntucve
CVE-2018-5143
2018-03-14 00:00:00
prion
prion
Cross site scripting
2018-06-11 21:29:00
debiancve
debiancve
CVE-2018-5143
2018-06-11 21:29:14
nvd
nvd
CVE-2018-5143
2018-06-11 21:29:14
nessus
nessus
Ubuntu 14.04 LTS / 16.04 LTS : Firefox regression (USN-3596-2)
2018-04-10 00:00:00
FreeBSD : mozilla -- multiple vulnerabilities (c71cdc95-3c18-45b7-866a-af28b59aabb5)
2018-03-14 00:00:00
Ubuntu 14.04 LTS / 16.04 LTS : Firefox vulnerabilities (USN-3596-1)
2018-03-15 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-3596-1)
2018-03-15 00:00:00
Ubuntu: Security Advisory (USN-3596-2)
2018-04-07 00:00:00
Mozilla Firefox Security Advisories (MFSA2018-06, MFSA2018-07) - Windows
2018-03-15 00:00:00
ubuntu
ubuntu
Firefox vulnerabilities
2018-03-14 00:00:00
Firefox regression
2018-04-06 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2018-03-13 00:00:00
mozilla
mozilla
Security vulnerabilities fixed in Firefox 59 — Mozilla
2018-03-13 00:00:00
kaspersky
kaspersky
KLA11206 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
2018-03-13 00:00:00