| Revision Date: | 2022-06-30 | Version: | 1 |
| Title: | CVE-2017-7839 |
| Description: |
Control characters prepended before "javascript:" URLs pasted in the addressbar can cause the leading characters to be ignored and the pasted JavaScript to be executed instead of being blocked. This could be used in social engineering and self-cross-site-scripting (self-XSS) attacks where users are convinced to copy and paste text into the addressbar. This vulnerability affects Firefox < 57.
|
| Family: | unix | Class: | vulnerability |
| Status: | | Reference(s): | CVE-2017-7839
Mitre CVE-2017-7839
SUSE CVE-2017-7839
|
| Platform(s): | openSUSE Leap 15.0
openSUSE Tumbleweed
| Product(s): | |
| Definition Synopsis |
| openSUSE Leap 15.0 is installed AND Package Information
MozillaFirefox-60.0-lp150.2 is installed
AND MozillaFirefox is signed with openSUSE key
OR
MozillaFirefox-translations-common-60.0-lp150.2 is installed
AND MozillaFirefox-translations-common is signed with openSUSE key
OR
MozillaFirefox-translations-other-60.0-lp150.2 is installed
AND MozillaFirefox-translations-other is signed with openSUSE key
|
| Definition Synopsis |
| openSUSE Tumbleweed is installed
AND Package Information
MozillaFirefox-92.0-1.2 is installed
OR MozillaFirefox-branding-upstream-92.0-1.2 is installed
OR MozillaFirefox-devel-92.0-1.2 is installed
OR MozillaFirefox-translations-common-92.0-1.2 is installed
OR MozillaFirefox-translations-other-92.0-1.2 is installed
|