CVE-2016-5267
MEDIUMMozilla Firefox < 47.0.1 - Improper Input Validation
Title source: ruleDescription
Mozilla Firefox before 48.0 on Android allows remote attackers to spoof the address bar via left-to-right characters in conjunction with a right-to-left character set.
References (5)
Scores
CVSS v3
5.3
EPSS
0.0037
EPSS Percentile
58.4%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
Classification
CWE
CWE-20
Status
draft
Affected Products (1)
mozilla/firefox
< 47.0.1
Timeline
Published
Aug 05, 2016
Tracked Since
Feb 18, 2026