Vulnerabilities > Mozilla > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-06-11 | CVE-2018-5111 | Improper Input Validation vulnerability in multiple products When the text of a specially formatted URL is dragged to the addressbar from page content, the displayed URL can be spoofed to show a different site than the one loaded. | 6.5 |
2018-06-11 | CVE-2018-5110 | Improper Input Validation vulnerability in Mozilla Firefox If cursor visibility is toggled by script using from 'none' to an image and back through script, the cursor will be rendered temporarily invisible within Firefox. | 5.3 |
2018-06-11 | CVE-2018-5109 | Origin Validation Error vulnerability in multiple products An audio capture session can started under an incorrect origin from the site making the capture request. | 5.3 |
2018-06-11 | CVE-2018-5108 | Information Exposure vulnerability in multiple products A Blob URL can violate origin attribute segregation, allowing it to be accessed from a private browsing tab and for data to be passed between the private browsing tab and a normal tab. | 4.3 |
2018-06-11 | CVE-2018-5107 | Link Following vulnerability in multiple products The printing process can bypass local access protections to read files available through symlinks, bypassing local file restrictions. | 5.3 |
2018-06-11 | CVE-2018-5106 | Information Exposure vulnerability in multiple products Style editor traffic in the Developer Tools can be routed through a service worker hosted on a third party website if a user selects error links when these tools are open. | 5.3 |
2018-06-11 | CVE-2017-7848 | Injection vulnerability in multiple products RSS fields can inject new lines into the created email structure, modifying the message body. | 5.3 |
2018-06-11 | CVE-2017-7847 | Information Exposure vulnerability in multiple products Crafted CSS in an RSS feed can leak and reveal local path strings, which may contain user name. | 4.3 |
2018-06-11 | CVE-2017-7844 | Information Exposure vulnerability in Mozilla Firefox A combination of an external SVG image referenced on a page and the coloring of anchor links stored within this image can be used to determine which pages a user has in their history. | 6.5 |
2018-06-11 | CVE-2017-7842 | Information Exposure vulnerability in Mozilla Firefox If a document's Referrer Policy attribute is set to "no-referrer" sometimes two network requests are made for "<link>" elements instead of one. | 5.3 |