Spoofing attack through text injection into internal error pages
Announced
August 2, 2016
Reporter
musicDespiteEverything
Impact
Low
Products
Firefox
Fixed in
Firefox 48
Description
Security researcher musicDespiteEverything reported that some of the
special about: URLs used by Firefox to display system information or error
messages can incorporate text passed as parmeters. These could be used in spoofing
attacks.