Address Bar Spoofing Vulnerability in Firefox for Android

Address Bar Spoofing Vulnerability in Firefox for Android

CVE-2017-5450 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

A mechanism to spoof the Firefox for Android addressbar using a "javascript:" URI. On Firefox for Android, the base domain is parsed incorrectly, making the resulting location less visibly a spoofed site and showing an incorrect domain in appended notifications. This vulnerability affects Firefox < 53.

Learn more about our Cis Benchmark Audit For Google Android.