CVE-2018-12397: A WebExtension can request access to local files without the warning prompt stating that the extension will "Access your data for all websites" being displayed…

high7.1CVSS 3.0

AVLACLPRLUINSUCHIHAN

A WebExtension can request access to local files without the warning prompt stating that the extension will "Access your data for all websites" being displayed to the user. This allows extensions to run content scripts in local pages without permission warnings when a local file is opened. This vulnerability affects Firefox ESR < 60.3 and Firefox < 63.

Affected

25 ranges

Vendor	Product	Version range	Fixed in
canonical	ubuntu_linux	—	—
canonical	ubuntu_linux	—	—
canonical	ubuntu_linux	—	—
canonical	ubuntu_linux	—	—
debian	debian_linux	—	—
debian	debian_linux	—	—
debian	firefox	< firefox 63.0-1 (sid)	firefox 63.0-1 (sid)
debian	firefox-esr	< firefox 63.0-1 (sid)	firefox 63.0-1 (sid)
mozilla	firefox	< 60.3.0	60.3.0
mozilla	firefox	< 63.0	63.0
mozilla	firefox	>= 0 < 63.0.3+build1-0ubuntu0.14.04.1	63.0.3+build1-0ubuntu0.14.04.1
mozilla	firefox	>= 0 < 63.0+build2-0ubuntu0.14.04.2	63.0+build2-0ubuntu0.14.04.2
mozilla	firefox	>= 0 < 63.0.3+build1-0ubuntu0.16.04.1	63.0.3+build1-0ubuntu0.16.04.1
mozilla	firefox	>= 0 < 63.0+build2-0ubuntu0.16.04.2	63.0+build2-0ubuntu0.16.04.2
mozilla	firefox	>= 0 < 63.0.3+build1-0ubuntu0.18.04.1	63.0.3+build1-0ubuntu0.18.04.1
mozilla	firefox	>= 0 < 63.0+build2-0ubuntu0.18.04.2	63.0+build2-0ubuntu0.18.04.2
mozilla	firefox	>= unspecified < 63	63
mozilla	firefox_esr	>= unspecified < 60.3	60.3
redhat	enterprise_linux_desktop	—	—
redhat	enterprise_linux_desktop	—	—
redhat	enterprise_linux_server	—	—
redhat	enterprise_linux_server	—	—
redhat	enterprise_linux_server_eus	—	—
redhat	enterprise_linux_workstation	—	—
redhat	enterprise_linux_workstation	—	—

CVSS provenance

nvdv3.07.1HIGHCVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

osv8.8HIGH