vulnerability
Red Hat: CVE-2018-5168: Critical: firefox security update (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:P/A:N) | May 9, 2018 | May 15, 2018 | Mar 3, 2021 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:P/A:N)
Published
May 9, 2018
Added
May 15, 2018
Modified
Mar 3, 2021
Description
Sites can bypass security checks on permissions to install lightweight themes by manipulating the "baseURI" property of the theme element. This could allow a malicious site to install a theme without user interaction which could contain offensive or embarrassing images. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8.
Solutions
redhat-upgrade-firefoxredhat-upgrade-firefox-debuginforedhat-upgrade-thunderbirdredhat-upgrade-thunderbird-debuginfo
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.