Lucene search
K

4 matches found

Veracode
Veracode
added 2020/09/21 6:32 a.m.17 views

Cross-site Scripting (XSS)

firefox is vulnerable to cross-site scripting XSS. JavaScript in the "about:webrtc" page is not sanitized properly being assigned to "innerHTML". Data on this page is supplied by WebRTC usage and is not under third-party control, making this difficult to exploit, but the vulnerability could...

6.1CVSS0.5AI score0.01412EPSS
Exploits1References4Affected Software2
Cvelist
Cvelist
added 2018/06/11 9:0 p.m.22 views

CVE-2017-7799

JavaScript in the "about:webrtc" page is not sanitized properly being assigned to "innerHTML". Data on this page is supplied by WebRTC usage and is not under third-party control, making this difficult to exploit, but the vulnerability could possibly be used for a cross-site scripting XSS attack...

6.4AI score0.01412EPSS
Exploits1References4
CVE
CVE
added 2018/06/11 9:0 p.m.125 views

CVE-2017-7799

CVE-2017-7799 - Firefox before 55 : A cross-site scripting risk exists due to JavaScript on the about:webrtc page being assigned to innerHTML without proper sanitization. The data on this page is supplied by WebRTC usage and not user-controlled, making exploitation possible under certain conditio...

6.1CVSS6.2AI score0.01412EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2017/08/10 12:0 a.m.2 views

UBUNTU-CVE-2017-7799

JavaScript in the "about:webrtc" page is not sanitized properly being assigned to "innerHTML". Data on this page is supplied by WebRTC usage and is not under third-party control, making this difficult to exploit, but the vulnerability could possibly be used for a cross-site scripting XSS attack...

6.1CVSS6.7AI score0.01412EPSS
Exploits1References3
Rows per page
Query Builder