XSS in Mozilla Firefox_os
CVE-2015-2744
Cross-site scripting (XSS) vulnerability in the Search app in Gaia in Mozilla Firefox OS before 2.2 allows remote attackers to inject arbitrary HTML via a crafted search link that is mishandled after re-opening the browser or opening the t…
Vulnerability class: XSS (Cross-Site Scripting)
EPSS: 0.003 (49.9th percentile) — read the EPSS interpretation.
Affected products
- Mozilla Firefox_os
- N/a — versions n/a
Weakness classification (CWE)
References
- security@mozilla.org (x_refsource_CONFIRM, Vendor Advisory)
- security@mozilla.org (x_refsource_CONFIRM)