Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

BDU FSTEC
BDU FSTECadded 2016/05/12 12:0 a.m.3 views

The vulnerability of the Firefox browser, which allows attackers to carry out UXSS attacks

The vulnerability of the WebExtension sandbox component browser/components/extensions/ext-tabs.js in the Firefox browser does not properly restrict the inheritance from API calls like chrome.tabs.create and chrome.tabs.update. Exploiting this vulnerability allows a malicious actor to perform UXSS...

4.3CVSS6.7AI score0.01252EPSS
Exploits0References3Affected Software1
OSV
OSVadded 2016/04/30 5:59 p.m.3 views

CVE-2016-2817

The WebExtension sandbox feature in browser/components/extensions/ext-tabs.js in Mozilla Firefox before 46.0 does not properly restrict principal inheritance during chrome.tabs.create and chrome.tabs.update API calls, which allows remote attackers to conduct Universal XSS UXSS attacks via a craft...

5.4CVSS7.3AI score0.01252EPSS
Exploits0References9
CNVD
CNVDadded 2016/04/28 12:0 a.m.2 views

Mozilla Firefox Cross-Site Scripting Vulnerability (CNVD-2016-02671)

Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the United States. The chrome.tabs.update API in Mozilla Firefox's Web Extension allows the program to navigate to javascript: URLs when the user does not have additional privileges, allowing remote attackers to...

5.4CVSS8.6AI score0.01252EPSS
Exploits0References1
Rows per page
Query Builder