CVE-2018-12370 — Cross-Site Request Forgery in Mozilla Firefox

CWE-352 — Cross-Site Request Forgery CWE-829 — Inclusion of Functionality from Untrusted Control Sphere10 documents7 sources

Severity

8.8HIGHNVD

OSV4.3

EPSS

0.3%

top 47.61%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mozilla Firefox Debian Firefox Canonical Ubuntu Linux

Timeline

PublishedOct 18

Latest updateMay 14

Description

In Reader View SameSite cookie protections are not checked on exiting. This allows for a payload to be triggered when Reader View is exited if loaded by a malicious site while Reader mode is active, bypassing CSRF protections. This vulnerability affects Firefox < 61.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages4 packages

▶debiandebian/firefox< firefox 61.0-1 (sid)

▶CVEListV5mozilla/firefoxunspecified — 61

▶NVDmozilla/firefox< 61.0

▶Ubuntumozilla/firefox< 61.0.1+build1-0ubuntu0.14.04.1+5

Also affects: Ubuntu Linux 14.04, 16.04, 17.10, 18.04

Patches

Patch: bugzilla.mozilla.org ↗Patch: bugzilla.mozilla.org ↗

🔴Vulnerability Details

GHSA

GHSA-v7w8-65gc-378f: In Reader View SameSite cookie protections are not checked on exiting↗2022-05-14

▶

OSV

firefox regressions↗2018-07-10

▶

OSV

firefox vulnerabilities↗2018-07-05

▶

OSV

CVE-2018-12370: In Reader View SameSite cookie protections are not checked on exiting↗2018-06-27

▶

📋Vendor Advisories

Ubuntu

Firefox regressions↗2018-07-10

▶

Ubuntu

Firefox vulnerabilities↗2018-07-05

▶

Red Hat

Mozilla: SameSite cookie protections bypassed when exiting Reader View↗2018-06-26

▶

Debian

CVE-2018-12370: firefox - In Reader View SameSite cookie protections are not checked on exiting. This allo...↗2018

▶

💬Community

Bugzilla

CVE-2018-12370 Mozilla: SameSite cookie protections bypassed when exiting Reader View↗2018-06-26

▶