Download Firefox

Firefox is no longer supported on Windows 8.1 and below.

Please download Firefox ESR (Extended Support Release) to use Firefox.

Firefox is no longer supported on macOS 10.14 and below.

Please download Firefox ESR (Extended Support Release) to use Firefox.

Firefox Privacy Notice

Mozilla Foundation Security Advisory 2016-83

Spoofing attack through text injection into internal error pages

Announced
August 2, 2016
Reporter
musicDespiteEverything
Impact
Low
Products
Firefox
Fixed in
  • Firefox 48

Description

Security researcher musicDespiteEverything reported that some of the special about: URLs used by Firefox to display system information or error messages can incorporate text passed as parmeters. These could be used in spoofing attacks.

References