Cross-Site Scripting (XSS) Vulnerability in Firefox < 55

Cross-Site Scripting (XSS) Vulnerability in Firefox < 55

CVE-2017-7799 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

JavaScript in the "about:webrtc" page is not sanitized properly being assigned to "innerHTML". Data on this page is supplied by WebRTC usage and is not under third-party control, making this difficult to exploit, but the vulnerability could possibly be used for a cross-site scripting (XSS) attack. This vulnerability affects Firefox < 55.

Learn more about our Web App Pen Testing.