Main Vulnerability Database Vulnerabilities #VU46020

#VU46020 Spoofing attack in Mozilla Firefox - CVE-2020-15665

Published: August 25, 2020

Vulnerability identifier: #VU46020

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2020-15665

CWE-ID: CWE-451

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Mozilla Firefox

Software vendor:
Mozilla

Description

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to Firefox does not reset the address bar after the beforeunload dialog is shown if the user chooses to remain on the page. As a result, an incorrect URL is shown in the address bar.

Remediation

Install updates from vendor's website.

External links

https://www.mozilla.org/en-US/security/advisories/mfsa2020-36/

#VU46020 Spoofing attack in Mozilla Firefox - CVE-2020-15665

Description

Remediation

External links

Please verify you're human