A security issue has been found in Firefox < 53, allowing to spoof the addressbar through the user interaction on the addressbar and the onblur event. The event could be used by script to affect text display to make the loaded site appear to be different from the one actually loaded within the addressbar.
A security issue has been found in Firefox < 53, allowing to spoof the addressbar through the user interaction on the addressbar and the onblur event. The event could be used by script to affect text display to make the loaded site appear to be different from the one actually loaded within the addressbar.
https://www.mozilla.org/en-US/security/advisories/mfsa2017-10/#CVE-2017-5451 https://bugzilla.mozilla.org/show_bug.cgi?id=1273537