Lucene search
Redhat.comRH:CVE-2018-5167HistoryApr 08, 2020 - 9:16 p.m.
CVE-2018-5167
2020-04-0821:16:54
redhat.com
access.redhat.com
13
EPSS
0.003
Percentile
66.3%
The web console and JavaScript debugger do not sanitize all output that can be hyperlinked. Both will display “chrome:” links as active, clickable hyperlinks in their output. Web sites should not be able to directly link to internal chrome pages. Additionally, the JavaScript debugger will display “javascript:” links, which users could be tricked into clicking by malicious sites. This vulnerability affects Firefox < 60.
Related
cvelist
cvelist
CVE-2018-5167
2018-06-11 21:00:00
debiancve
debiancve
CVE-2018-5167
2018-06-11 21:29:15
cve
cve
CVE-2018-5167
2018-06-11 21:29:15
ubuntucve
ubuntucve
CVE-2018-5167
2018-05-11 00:00:00
prion
prion
Code injection
2018-06-11 21:29:00
nvd
nvd
CVE-2018-5167
2018-06-11 21:29:15
ubuntu
ubuntu
Firefox regression
2018-05-18 00:00:00
Firefox vulnerabilities
2018-05-11 00:00:00
archlinux
archlinux
[ASA-201805-10] firefox: multiple issues
2018-05-13 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-3645-1)
2018-05-12 00:00:00
Ubuntu: Security Advisory (USN-3645-2)
2018-05-19 00:00:00
Mozilla Firefox Security Advisories (MFSA2018-11, MFSA2018-12) - Windows
2018-05-11 00:00:00
nessus
nessus
Mozilla Firefox < 60 Multiple Critical Vulnerabilities
2018-05-17 00:00:00
Mozilla Firefox < 60 Multiple Critical Vulnerabilities (macOS)
2018-05-17 00:00:00
mozilla
mozilla
Security vulnerabilities fixed in Firefox 60 — Mozilla
2018-05-09 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2018-05-09 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package firefox-esr version 60.0.1-alt1
2018-06-05 00:00:00
kaspersky
kaspersky
KLA11246 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
2018-05-09 00:00:00