4 matches found
Cross-site Scripting (XSS)
firefox is vulnerable to cross-site scripting XSS. JavaScript in the "about:webrtc" page is not sanitized properly being assigned to "innerHTML". Data on this page is supplied by WebRTC usage and is not under third-party control, making this difficult to exploit, but the vulnerability could...
CVE-2017-7799
JavaScript in the "about:webrtc" page is not sanitized properly being assigned to "innerHTML". Data on this page is supplied by WebRTC usage and is not under third-party control, making this difficult to exploit, but the vulnerability could possibly be used for a cross-site scripting XSS attack...
CVE-2017-7799
CVE-2017-7799 - Firefox before 55 : A cross-site scripting risk exists due to JavaScript on the about:webrtc page being assigned to innerHTML without proper sanitization. The data on this page is supplied by WebRTC usage and not user-controlled, making exploitation possible under certain conditio...
UBUNTU-CVE-2017-7799
JavaScript in the "about:webrtc" page is not sanitized properly being assigned to "innerHTML". Data on this page is supplied by WebRTC usage and is not under third-party control, making this difficult to exploit, but the vulnerability could possibly be used for a cross-site scripting XSS attack...