← back
CVE-2018-12403

CVE-2018-12403

EPSS 1.9%
If a site is loaded over a HTTPS connection but loads a favicon resource over HTTP, the mixed content warning is not displayed to users. This vulnerability affects Firefox < 63.
Affected products
Mozilla · Firefox

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://bugzilla.mozilla.org/show_bug.cgi?id=1484753https://usn.ubuntu.com/3801-1/https://www.mozilla.org/security/advisories/mfsa2018-26/http://www.securityfocus.com/bid/105721http://www.securitytracker.com/id/1041944