Lucene search
Mozilla FoundationMFSA2016-48HistoryApr 26, 2016 - 12:00 a.m.
Firefox Health Reports could accept events from untrusted domains — Mozilla
2016-04-2600:00:00
Mozilla Foundation
www.mozilla.org
25
0.009 Low
EPSS
Percentile
82.8%
Mozilla engineer Mark Goodwin discovered that the Firefox Health Report (about:healthreport) accepts certain events from any content document present in the remote-report iframe. If there were another vulnerability that allowed the injection of web content into the Firefox Health Report iframe, this content could change the sharing preferences of a user by firing the appropriate events at it s containing page.
Related
debiancve
debiancve
CVE-2016-2820
2016-04-30 17:59:15
cvelist
cvelist
CVE-2016-2820
2016-04-30 17:00:00
prion
prion
Design/Logic Flaw
2016-04-30 17:59:00
cve
cve
CVE-2016-2820
2016-04-30 17:59:15
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2016-48) - Linux
2021-11-08 00:00:00
Mozilla Firefox Security Advisories (MFSA2016-39, MFSA2016-48) - Mac OS X
2016-05-02 00:00:00
Ubuntu: Security Advisory (USN-2936-3)
2016-05-19 00:00:00
ubuntucve
ubuntucve
CVE-2016-2820
2016-04-27 00:00:00
nessus
nessus
Ubuntu 14.04 LTS / 16.04 LTS : Firefox regression (USN-2936-3)
2016-05-19 00:00:00
openSUSE Security Update : MozillaFirefox / mozilla-nss (openSUSE-2016-541)
2016-05-06 00:00:00
Ubuntu 12.04 LTS : oxygen-gtk3 update (USN-2936-2)
2016-05-03 00:00:00
ubuntu
ubuntu
Oxygen-GTK3 update
2016-05-02 00:00:00
Firefox regression
2016-05-19 00:00:00
archlinux
archlinux
firefox: multiple issues
2016-04-30 00:00:00
kaspersky
kaspersky
KLA10795 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
2016-04-26 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2016-04-26 00:00:00
gentoo
gentoo
Mozilla Firefox, Thunderbird: Multiple vulnerabilities
2017-01-03 00:00:00