Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2017-7815

On pages containing an iframe, the "data:" protocol can be used to create a modal dialog through Javascript that will have an arbitrary domains as the dialog's location, spoofing of the origin of the modal dialog from the user view. Note: This attack only affects installations with e10 multiprocess turned off. Installations with e10s turned on do not support the modal dialog functionality. This vulnerability affects Firefox < 56.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 73.9%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 5.0
Products affected by CVE-2017-7815


Contact Us

Shodan ® - All rights reserved