---

CVE-2017-5458 - log back

CVE-2017-5458 created at 25 Sep 2019 19:31:40
Severity	+ Low
Remote	+ Local
Type	+ Cross-site scripting
Description	+ An issue has been found in Firefox < 53. When a javascript: URL is drag and dropped by a user into the addressbar, the URL will be processed and executed. This allows for users to be socially engineered to execute an XSS attack on themselves.
References	+ https://www.mozilla.org/en-US/security/advisories/mfsa2017-10/#CVE-2017-5458 + https://bugzilla.mozilla.org/show_bug.cgi?id=1229426
Notes