VYPR
Unrated severityNVD Advisory· Published Feb 28, 2019· Updated Aug 5, 2024

CVE-2018-12397

CVE-2018-12397

Description

A WebExtension can request access to local files without the warning prompt stating that the extension will "Access your data for all websites" being displayed to the user. This allows extensions to run content scripts in local pages without permission warnings when a local file is opened. This vulnerability affects Firefox ESR < 60.3 and Firefox < 63.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

22

Patches

Vulnerability mechanics

References

11

News mentions

0

No linked articles in our index yet.