Lucene search
Ubuntu.comUB:CVE-2018-5167HistoryMay 11, 2018 - 12:00 a.m.
CVE-2018-5167
2018-05-1100:00:00
ubuntu.com
ubuntu.com
6
0.003 Low
EPSS
Percentile
66.1%
The web console and JavaScript debugger do not sanitize all output that can
be hyperlinked. Both will display “chrome:” links as active, clickable
hyperlinks in their output. Web sites should not be able to directly link
to internal chrome pages. Additionally, the JavaScript debugger will
display “javascript:” links, which users could be tricked into clicking by
malicious sites. This vulnerability affects Firefox < 60.
Related
cvelist
cvelist
CVE-2018-5167
2018-06-11 21:00:00
redhatcve
redhatcve
CVE-2018-5167
2020-04-08 21:16:54
prion
prion
Code injection
2018-06-11 21:29:00
debiancve
debiancve
CVE-2018-5167
2018-06-11 21:29:00
cve
cve
CVE-2018-5167
2018-06-11 21:29:00
ubuntu
ubuntu
Firefox regression
2018-05-18 00:00:00
Firefox vulnerabilities
2018-05-11 00:00:00
openvas
openvas
Mozilla Firefox Security Advisories (MFSA2018-11, MFSA2018-12) - Windows
2018-05-11 00:00:00
Ubuntu: Security Advisory (USN-3645-1)
2018-05-12 00:00:00
Ubuntu: Security Advisory (USN-3645-2)
2018-05-19 00:00:00
nessus
nessus
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Firefox regression (USN-3645-2)
2018-05-21 00:00:00
Mozilla Firefox < 60 Multiple Critical Vulnerabilities
2018-05-17 00:00:00
archlinux
archlinux
[ASA-201805-10] firefox: multiple issues
2018-05-13 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package firefox-esr version 60.0.1-alt1
2018-06-05 00:00:00
mozilla
mozilla
Security vulnerabilities fixed in Firefox 60 — Mozilla
2018-05-09 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2018-05-09 00:00:00
kaspersky
kaspersky
KLA11246 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
2018-05-09 00:00:00