CVE-2016-9903 - log back

CVE-2016-9903 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Cross-site scripting
Description
+ Mozilla's add-ons SDK had a world-accessible resource with an HTML injection vulnerability. If an additional vulnerability allowed this resource to be loaded as a document it could allow injecting content and script into an add-on's context.
References
+ https://www.mozilla.org/en-US/security/advisories/mfsa2016-94/#CVE-2016-9903
Notes