← volver
CVE-2016-9903

CVE-2016-9903

EPSS 1.1%
Mozilla's add-ons SDK had a world-accessible resource with an HTML injection vulnerability. If an additional vulnerability allowed this resource to be loaded as a document it could allow injecting content and script into an add-on's context. This vulnerability affects Firefox < 50.1.
Productos afectados
Mozilla · Firefox

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://bugzilla.mozilla.org/show_bug.cgi?id=1315435https://www.mozilla.org/security/advisories/mfsa2016-94/http://www.securityfocus.com/bid/94883http://www.securitytracker.com/id/1037461