Security News > 2018 > January > Mozilla plugs critical and easily exploitable flaw in Firefox

Mozilla plugs critical and easily exploitable flaw in Firefox
2018-01-31 17:48

Firefox users would do well to upgrade to the browser’s latest release if they want to keep their computers safe from compromise. Released on Monday, Firefox 58.0.1 contains one but very important security fix that plugs a vulnerability arising from insufficient sanitization of HTML fragments in chrome-privileged documents. (In this context, chrome is not the popular Google browser, but a component of Firefox.) The vulnerability (CVE-2018-5124) is considered critical because a successful exploit could allow … More →


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/-0F7lEkoz2A/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2019-04-26 CVE-2018-5124 Cross-site Scripting vulnerability in Mozilla Firefox
Unsanitized output in the browser UI leaves HTML tags in place and can result in arbitrary code execution in Firefox before version 58.0.1.
network
low complexity
mozilla CWE-79
6.1

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Mozilla 29 13 631 583 266 1493