CVE-2018-12396 - log back

CVE-2018-12396 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Privilege escalation
Description
+ A security issue has been found in Firefox versions prior to 63.0, where a WebExtension can run content scripts in disallowed contexts following navigation or other events. This allows for potential privilege escalation by the WebExtension on sites where content scripts should not be run.
References
+ https://www.mozilla.org/en-US/security/advisories/mfsa2018-26/#CVE-2018-12396
+ https://bugzilla.mozilla.org/show_bug.cgi?id=1483602
Notes