SVG Image History Query Vulnerability in Firefox 57.0.1 and Earlier

SVG Image History Query Vulnerability in Firefox 57.0.1 and Earlier

CVE-2017-7844 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:N

A combination of an external SVG image referenced on a page and the coloring of anchor links stored within this image can be used to determine which pages a user has in their history. This can allow a malicious website to query user history. Note: This issue only affects Firefox 57. Earlier releases are not affected. This vulnerability affects Firefox < 57.0.1.

Learn more about our Web App Pen Testing.