CVE-2020-12412

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
09/07/2020
Last modified:
13/07/2020

Description

By navigating a tab using the history API, an attacker could cause the address bar to display the incorrect domain (with the https:// scheme, a blocked port number such as '1', and without a lock icon) while controlling the page contents. This vulnerability affects Firefox

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* 70.0 (excluding)