Security News > 2018 > January > Mozilla plugs critical and easily exploitable flaw in Firefox
2018-01-31 17:48
Firefox users would do well to upgrade to the browser’s latest release if they want to keep their computers safe from compromise. Released on Monday, Firefox 58.0.1 contains one but very important security fix that plugs a vulnerability arising from insufficient sanitization of HTML fragments in chrome-privileged documents. (In this context, chrome is not the popular Google browser, but a component of Firefox.) The vulnerability (CVE-2018-5124) is considered critical because a successful exploit could allow … More →
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/-0F7lEkoz2A/
Related news
- Mozilla warns Windows users of critical Firefox sandbox escape flaw (source)
- Mozilla Patches Critical Firefox Bug Similar to Chrome’s Recent Zero-Day Vulnerability (source)
- Mozilla Updates Firefox Terms Again After Backlash Over Broad Data License Language (source)
- Mozilla Revises Firefox Terms of Use After Inflaming Users Over Data Usage (source)
- Mozilla warns users to update Firefox before certificate expires (source)
- Critical Firefox, Tor Browser sandbox escape flaw fixed (CVE-2025-2857) (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-26 | CVE-2018-5124 | Cross-site Scripting vulnerability in Mozilla Firefox Unsanitized output in the browser UI leaves HTML tags in place and can result in arbitrary code execution in Firefox before version 58.0.1. | 6.1 |