CVE-2016-9903

CVE-2016-9903 is a cross-site scripting (XSS) vulnerability in Mozilla Firefox’s Add-ons SDK. The issue arises from a world-accessible resource that can be loaded as a document due to another vulnerability, enabling an attacker to inject content and script into the add-on context and potentially ...

openSUSE: Security Advisory for MozillaFirefox (openSUSE-SU-2016:3310-1)

The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Ubuntu 14.04 LTS / 16.04 LTS : Firefox vulnerabilities (USN-3155-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3155-1 advisory. Multiple security vulnerabilities were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker...

USN-3155-1: Firefox vulnerabilities

Multiple security vulnerabilities were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to conduct cross-site scripting XSS attacks, obtain sensitive information, cause a denial of service via application crash, o...

UBUNTU-CVE-2016-9903

Mozilla's add-ons SDK had a world-accessible resource with an HTML injection vulnerability. If an additional vulnerability allowed this resource to be loaded as a document it could allow injecting content and script into an add-on's context. This vulnerability affects Firefox 50.1...