CVE-2018-18495

EPSS 1.7%

Vexday Risk Score

3Baixo

Decisão SSVC (CISA)

Track

Sem sinal de exploração → monitorar

CVSS —EPSS 1.7%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado

Ciclo de vida

28 fev 2019Publicada no NVD

Recomendação: Monitorar — sem sinal de exploração no momento.

WebExtension content scripts can be loaded into about: pages in some circumstances, in violation of the permissions granted to extensions. This could allow an extension to interfere with the loading and usage of these pages and use capabilities that were intended to be restricted from extensions. This vulnerability affects Firefox < 64.

Produtos afetados

Mozilla · Firefox

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://bugzilla.mozilla.org/show_bug.cgi?id=1427585 https://usn.ubuntu.com/3844-1/https://www.mozilla.org/security/advisories/mfsa2018-29/http://www.securityfocus.com/bid/106167