Mozilla Firefox, an open source Web browser from the Mozilla Foundation, is vulnerable to an input validation error in Mozilla Firefox ESR that results from a parameter URL containing spaces that is not properly escaped when invoking a protocol handler for an external protocol. A remote attacker could trick a victim into clicking on a specially crafted link and passing the unescaped input to a third-party application via a URI handler.
CPE | Name | Operator | Version |
---|---|---|---|
mozilla firefox | lt | 95.0 |