Security News > 2018 > January > Mozilla plugs critical and easily exploitable flaw in Firefox
2018-01-31 17:48
Firefox users would do well to upgrade to the browser’s latest release if they want to keep their computers safe from compromise. Released on Monday, Firefox 58.0.1 contains one but very important security fix that plugs a vulnerability arising from insufficient sanitization of HTML fragments in chrome-privileged documents. (In this context, chrome is not the popular Google browser, but a component of Firefox.) The vulnerability (CVE-2018-5124) is considered critical because a successful exploit could allow … More →
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/-0F7lEkoz2A/
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-26 | CVE-2018-5124 | Cross-site Scripting vulnerability in Mozilla Firefox Unsanitized output in the browser UI leaves HTML tags in place and can result in arbitrary code execution in Firefox before version 58.0.1. | 6.1 |