Information disclosure vulnerability in Mozilla Firefox - CVE-2018-5176 (Mac OS X)ID: oval:org.secpod.oval:def:45535 | Date: (C)2018-05-11 (M)2023-12-20 |
Class: VULNERABILITY | Family: macos |
Mozilla Firefox before 60.0 : The JSON Viewer displays clickable hyperlinks for strings that are parseable as URLs, including javascript: links. If a JSON file contains malicious JavaScript script embedded as javascript: links, users may be tricked into clicking and running this code in the context of the JSON Viewer. This can allow for the theft of cookies and authorization tokens which are accessible to that context.
Platform: |
Apple Mac OS 14 |
Apple Mac OS 13 |
Apple Mac OS 12 |
Apple Mac OS 11 |
Apple Mac OS X 10.15 |
Apple Mac OS X 10.14 |
Apple Mac OS X 10.9 |
Apple Mac OS X 10.10 |
Apple Mac OS X 10.11 |
Apple Mac OS X 10.12 |
Apple Mac OS X 10.13 |