漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
K-Meleon 1.5.3 allows context-dependent attackers to spoof the address bar, via window.open with a relative URI, to show an arbitrary file: URL after a victim has visited any file: URL, as demonstrated by a visit to a file: document written by the attacker.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
christophe_thibault k-meleon 漏洞
Vulnerability Description
K-Meleon 1.5.3允许见机行事的攻击者借助带有一个相对URI的window.open,欺骗地址栏在用户访问的网站上显示任意的文件:URL。如果用户被骗而访问了任意的文件:URL,就会触发该漏洞。
CVSS Information
N/A
Vulnerability Type
N/A