2 matches found
CVE-2018-5167
The web console and JavaScript debugger do not sanitize all output that can be hyperlinked. Both will display "chrome:" links as active, clickable hyperlinks in their output. Web sites should not be able to directly link to internal chrome pages. Additionally, the JavaScript debugger will display...
Mozilla Firefox Design Vulnerability (CNVD-2018-11791)
Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox prior to version 60, which stems from a failure of the web console and JavaScript debugger to filter all output with hyperlinks. A remote...