4.3
CVSSv2

CVE-2017-5420

Published: 11/06/2018 Updated: 07/08/2018
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Summary

A "javascript:" url loaded by a malicious page can obfuscate its location by blanking the URL displayed in the addressbar, allowing for an malicious user to spoof an existing page without the malicious page's address being displayed correctly. This vulnerability affects Firefox < 52.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

mozilla firefox

Vendor Advisories

A javascript: url loaded by a malicious page can obfuscate its location by blanking the URL displayed in the address bar, allowing for an attacker to spoof an existing page without the malicious page's address being displayed correctly ...
USN-3216-1 introduced a regression in Firefox ...
Firefox could be made to crash or run programs as your login if it opened a malicious website ...
Arch Linux Security Advisory ASA-201703-3 ========================================= Severity: Critical Date : 2017-03-10 CVE-ID : CVE-2017-5398 CVE-2017-5399 CVE-2017-5400 CVE-2017-5401 CVE-2017-5402 CVE-2017-5403 CVE-2017-5404 CVE-2017-5405 CVE-2017-5406 CVE-2017-5407 CVE-2017-5408 CVE-2017-5410 CVE-2017-5412 CVE ...
Security vulnerabilities fixed in Firefox 52 Announced March 7, 2017 Impact critical Products Firefox Fixed in Firefox 52 ...