Security Advisory

CVE-2018-18495

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-02-28 18:00:00

Last updated 2024-08-05 11:08:21

Assigner mozilla

State PUBLISHED

Description

WebExtension content scripts can be loaded into about: pages in some circumstances, in violation of the permissions granted to extensions. This could allow an extension to interfere with the loading and usage of these pages and use capabilities that were intended to be restricted from extensions. This vulnerability affects Firefox < 64.

← Browse all CVEs View on cve.org ↗