2018-06-11 21:00:00
mozilla
PUBLISHED
Mozillas add-ons SDK had a world-accessible resource with an HTML injection vulnerability. If an additional vulnerability allowed this resource to be loaded as a document it could allow injecting content and script into an add-ons context. This vulnerability affects Firefox < 50.1.