---

CVE-2018-5173 - log back

CVE-2018-5173 created at 25 Sep 2019 19:31:40
Severity	+ Medium
Remote	+ Remote
Type	+ Content spoofing
Description	+ The filename appearing in the Downloads panel in Firefox before 60.0 improperly renders some Unicode characters, allowing for the file name to be spoofed. This can be used to obscure the file extension of potentially executable files from user view in the panel.
References	+ https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5173 + https://bugzilla.mozilla.org/show_bug.cgi?id=1438025
Notes