cve/2015/CVE-2015-7191.md

CVE-2015-7191

Description

Mozilla Firefox before 42.0 on Android improperly restricts URL strings in intents, which allows attackers to conduct cross-site scripting (XSS) attacks via vectors involving an intent: URL and fallback navigation, aka "Universal XSS (UXSS)."

POC

Reference

• http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

Github

No PoCs found on GitHub currently.