Medium severity4.3NVD Advisory· Published Jul 9, 2020· Updated Jun 17, 2026
CVE-2020-12412
CVE-2020-12412
Description
By navigating a tab using the history API, an attacker could cause the address bar to display the incorrect domain (with the https:// scheme, a blocked port number such as '1', and without a lock icon) while controlling the page contents. This vulnerability affects Firefox < 70.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<70+ 1 more
- (no CPE)range: <70
- (no CPE)range: unspecified
Patches
Vulnerability mechanics
References
2- bugzilla.mozilla.org/show_bug.cginvdIssue TrackingPermissions RequiredVendor Advisory
- www.mozilla.org/security/advisories/mfsa2019-34/nvdVendor Advisory
News mentions
0No linked articles in our index yet.