6 matches found
FreeBSD : Firefox -- content injection attack (a3291f81-3d7c-11f0-9a55-b42e991fc52e)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the a3291f81-3d7c-11f0-9a55-b42e991fc52e advisory. [email protected] reports: Previewing a response in Devtools ignored CSP headers, which could have...
Malicious code in firefox-devtools (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 27d723f2db7c5589f68811969f49939e22ad3e71b00f741fc7f19a5bb6464da2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3778 Malicious code in firefox-devtools (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 27d723f2db7c5589f68811969f49939e22ad3e71b00f741fc7f19a5bb6464da2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
The vulnerability of the DevTools console in the Firefox web browser, related to the information disclosure feature, allows attackers to gain access to confidential data.
The vulnerability of the DevTools console in the Firefox web browser relates to the disclosure of information. Exploiting this vulnerability could allow a malicious actor to gain access to confidential data...
The vulnerability of the DevTools set of tools for web development in the Mozilla Firefox browser and the Thunderbird email client allows a hacker to execute arbitrary commands.
The vulnerability of the DevTools suite for web development in the Mozilla Firefox browser and Thunderbird email client is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
SUSE CVE-2018-5175
A mechanism to bypass Content Security Policy CSP protections on sites that have a "script-src" policy of "'strict-dynamic'". If a target website contains an HTML injection flaw an attacker could inject a reference to a copy of the "require.js" library that is part of Firefox's Developer Tools, a...