CVE-2018-5166

Publication date

2018-06-11 21:00:00

Family

mozilla

State

PUBLISHED

Description

WebExtensions can use request redirection and a "filterReponseData" filter to bypass host permission settings to redirect network traffic and access content from a host for which they do not have explicit user permission. This vulnerability affects Firefox < 60.