Same-origin bypass vulnerability in Firefox PDF Viewer
CVE-2018-5157 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
Same-origin protections for the PDF viewer can be bypassed, allowing a malicious site to intercept messages meant for the viewer. This could allow the site to retrieve PDF files restricted to viewing by an authenticated user on a third-party website. This vulnerability affects Firefox ESR < 52.8 and Firefox < 60.
Learn more about our Web App Pen Testing.