VYPR
High severity7.3NVD Advisory· Published Jun 11, 2018· Updated Jun 17, 2026

CVE-2017-5386

CVE-2017-5386

Description

WebExtension scripts can use the "data:" protocol to affect pages loaded by other web extensions using this protocol, leading to potential data disclosure or privilege escalation in affected extensions. This vulnerability affects Firefox ESR < 45.7 and Firefox < 51.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

25

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.