CVE-2018-18499 — Origin Validation Error in Mozilla Firefox

CWE-346 — Origin Validation Error CWE-829 — Inclusion of Functionality from Untrusted Control Sphere6 documents6 sources

Severity

6.5MEDIUMNVD

EPSS

0.1%

top 69.14%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mozilla Firefox Mozilla Firefox ESR Mozilla Thunderbird +3 more

Timeline

PublishedFeb 28

Latest updateMay 14

Description

A same-origin policy violation allowing the theft of cross-origin URL entries when using a meta http-equiv="refresh" on a page to cause a redirection to another site using performance.getEntries(). This is a same-origin policy violation and could allow for data theft. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird < 60.2.1.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages10 packages

▶debiandebian/firefox< firefox 62.0-1 (sid)

▶CVEListV5mozilla/firefoxunspecified — 62

▶NVDmozilla/firefox< 62.0

▶debiandebian/firefox-esr< firefox 62.0-1 (sid)

▶CVEListV5mozilla/firefox_esrunspecified — 60.2

🔴Vulnerability Details

GHSA

GHSA-h7hh-7f6j-x9mh: A same-origin policy violation allowing the theft of cross-origin URL entries when using a meta http-equiv="refresh" on a page to cause a redirection↗2022-05-14

▶

OSV

CVE-2018-18499: A same-origin policy violation allowing the theft of cross-origin URL entries when using a meta http-equiv="refresh" on a page to cause a redirection↗2019-02-28

▶

📋Vendor Advisories

Red Hat

Mozilla: Same-origin policy violation using meta refresh and performance.getEntries to steal cross-origin URLs↗2018-09-05

▶

Debian

CVE-2018-18499: firefox - A same-origin policy violation allowing the theft of cross-origin URL entries wh...↗2018

▶

💬Community

Bugzilla

CVE-2018-18499 Mozilla: Same-origin policy violation using meta refresh and performance.getEntries to steal cross-origin URLs↗2020-06-23

▶