CVE-2017-5382

MEDIUM

Description

Feed preview for RSS feeds can be used to capture errors and exceptions generated by privileged content, allowing for the exposure of internal information not meant to be seen by web content. This vulnerability affects Firefox < 51.

References

http://www.securityfocus.com/bid/95763

http://www.securitytracker.com/id/1037693

https://bugzilla.mozilla.org/show_bug.cgi?id=1295322

https://www.mozilla.org/security/advisories/mfsa2017-01/

Details

Source: MITRE

Published: 2018-06-11

Updated: 2018-08-07

Type: CWE-200

Risk Information

CVSS v2.0

Base Score: 5

Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

CVSS v3.0

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Impact Score: 3.6

Exploitability Score: 3.9

Severity: HIGH