Lucene search
PRIOn knowledge basePRION:CVE-2018-5143HistoryJun 11, 2018 - 9:29 p.m.
Cross site scripting
2018-06-1121:29:00
PRIOn knowledge base
www.prio-n.com
8
URLs using “javascript:” have the protocol removed when pasted into the addressbar to protect users from cross-site scripting (XSS) attacks, but if a tab character is embedded in the “javascript:” URL the protocol is not removed and the script will execute. This could allow users to be socially engineered to run an XSS attack against themselves. This vulnerability affects Firefox < 59.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ubuntu_linux | eq | 16.04 | |
| ubuntu_linux | eq | 14.04 | |
| ubuntu_linux | eq | 17.10 | |
| firefox | lt | 59.0 |
Related
cve
cve
CVE-2018-5143
2018-06-11 21:29:14
ubuntucve
ubuntucve
CVE-2018-5143
2018-03-14 00:00:00
debiancve
debiancve
CVE-2018-5143
2018-06-11 21:29:14
cvelist
cvelist
CVE-2018-5143
2018-06-11 21:00:00
nvd
nvd
CVE-2018-5143
2018-06-11 21:29:14
nessus
nessus
Ubuntu 14.04 LTS / 16.04 LTS : Firefox regression (USN-3596-2)
2018-04-10 00:00:00
FreeBSD : mozilla -- multiple vulnerabilities (c71cdc95-3c18-45b7-866a-af28b59aabb5)
2018-03-14 00:00:00
Mozilla Firefox < 59 Multiple Vulnerabilities
2018-03-15 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-3596-1)
2018-03-15 00:00:00
Ubuntu: Security Advisory (USN-3596-2)
2018-04-07 00:00:00
Mozilla Firefox Security Advisories (MFSA2018-06, MFSA2018-07) - Windows
2018-03-15 00:00:00
ubuntu
ubuntu
Firefox vulnerabilities
2018-03-14 00:00:00
Firefox regression
2018-04-06 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2018-03-13 00:00:00
mozilla
mozilla
Security vulnerabilities fixed in Firefox 59 — Mozilla
2018-03-13 00:00:00
kaspersky
kaspersky
KLA11206 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
2018-03-13 00:00:00