Description
Limitations on the URIs allowed to WebExtensions by the browser.windows.create API can be bypassed when a pipe in the URL field is used within the extension to load multiple pages as a single argument. This could allow a malicious WebExtension to open privileged about: or file: locations. This vulnerability affects Firefox < 64.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2018-10222 | Limitations on the URIs allowed to WebExtensions by the browser.windows.create API can be bypassed when a pipe in the URL field is used within the extension to load multiple pages as a single argument. This could allow a malicious WebExtension to open privileged about: or file: locations. This vulnerability affects Firefox < 64. |
Ubuntu USN |
USN-3844-1 | Firefox vulnerabilities |
References
History
No history.
Status: PUBLISHED
Assigner: mozilla
Published:
Updated: 2024-08-05T11:08:21.995Z
Reserved: 2018-10-19T00:00:00.000Z
Link: CVE-2018-18497
No data.
Status : Modified
Published: 2019-02-28T18:29:01.790
Modified: 2026-06-17T01:47:24.227
Link: CVE-2018-18497
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-20
Improper Input Validation
-
CWE-270
Privilege Context Switching Error
-
CWE-552
Files or Directories Accessible to External Parties
-
CWE-59
Improper Link Resolution Before File Access ('Link Following')
- NVD-CWE-noinfo
EUVD
Ubuntu USN