Cross-Site Scripting (XSS) Vulnerability in Firefox < 55
CVE-2017-7799 · MEDIUM Severity
AV:N/AC:M/AU:N/C:N/I:P/A:N
JavaScript in the "about:webrtc" page is not sanitized properly being assigned to "innerHTML". Data on this page is supplied by WebRTC usage and is not under third-party control, making this difficult to exploit, but the vulnerability could possibly be used for a cross-site scripting (XSS) attack. This vulnerability affects Firefox < 55.
Learn more about our Web App Pen Testing.