Security Advisory

CVE-2018-12369

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-10-18 13:00:00

Last updated 2024-08-05 08:31:00

Assigner mozilla

State PUBLISHED

Description

WebExtensions bundled with embedded experiments were not correctly checked for proper authorization. This allowed a malicious WebExtension to gain full browser permissions. This vulnerability affects Firefox ESR < 60.1 and Firefox < 61.

← Browse all CVEs View on cve.org ↗