cve/2017/CVE-2017-5386.md
2024-06-18 02:51:15 +02:00

1005 B

CVE-2017-5386

Description

WebExtension scripts can use the "data:" protocol to affect pages loaded by other web extensions using this protocol, leading to potential data disclosure or privilege escalation in affected extensions. This vulnerability affects Firefox ESR < 45.7 and Firefox < 51.

POC

Reference

Github

No PoCs found on GitHub currently.