Vulnerability Details CVE-2015-8510
Cross-site scripting (XSS) vulnerability in the internationalization feature in the default homescreen app in Mozilla Firefox OS before 2.5 allows user-assisted remote attackers to inject arbitrary web script or HTML via a crafted web site that is mishandled during "Add to home screen" bookmarking.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 32.9%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
Products affected by CVE-2015-8510
-
cpe:2.3:o:mozilla:firefox_os:-
-
cpe:2.3:o:mozilla:firefox_os:2.2