mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-06 02:31:38 +00:00
870 B
870 B
CVE-2016-5265
Description
Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allow user-assisted remote attackers to bypass the Same Origin Policy, and conduct Universal XSS (UXSS) attacks or read arbitrary files, by arranging for the presence of a crafted HTML document and a crafted shortcut file in the same local directory.
POC
Reference
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
- https://bugzilla.mozilla.org/show_bug.cgi?id=1278013
Github
No PoCs found on GitHub currently.