vulnerability
MFSA2016-54 Firefox: Partial same-origin-policy through setting location.host through data URI (CVE-2016-2825)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:N/C:N/I:P/A:N) | Jun 7, 2016 | Jun 8, 2016 | Aug 11, 2025 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:P/A:N)
Published
Jun 7, 2016
Added
Jun 8, 2016
Modified
Aug 11, 2025
Description
Mozilla Firefox before 47.0 allows remote attackers to bypass the Same Origin Policy and modify the location.host property via an invalid data: URL.
Solution
mozilla-firefox-upgrade-47_0
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.