CVE-2013-5594UI Misrepresentation / Clickjacking in Mozilla Firefox

CWE-1021UI Misrepresentation / Clickjacking3 documents3 sources
Severity
4.3MEDIUMNVD
EPSS
0.3%
top 50.07%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Mozilla FirefoxDebian Firefox-esr
Timeline
PublishedFeb 18
Latest updateMay 5

Description

Mozilla Firefox before 25 allows modification of anonymous content of pluginProblem.xml binding

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages3 packages

NVDmozilla/firefox< 25.0
CVEListV5mozilla/firefoxbefore 2013

🔴Vulnerability Details

1
GHSA
GHSA-mfx4-92v4-cw72: Mozilla Firefox before 25 allows modification of anonymous content of pluginProblem2022-05-05

📋Vendor Advisories

1
Debian
CVE-2013-5594: firefox-esr - Mozilla Firefox before 25 allows modification of anonymous content of pluginProb...2013