Outlook Email Message Drag-and-Drop URL Interpretation Vulnerability

Outlook Email Message Drag-and-Drop URL Interpretation Vulnerability

CVE-2018-12381 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

Manually dragging and dropping an Outlook email message into the browser will trigger a page navigation when the message's mail columns are incorrectly interpreted as a URL. *Note: this issue only affects Windows operating systems with Outlook installed. Other operating systems are not affected.*. This vulnerability affects Firefox ESR < 60.2 and Firefox < 62.

Learn more about our Cis Benchmark Audit For Operating Systems.