Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
toolkit/components/passwordmgr/src/nsLoginManagerPrompter.js in the asynchronous Authorization Prompt implementation in Mozilla Firefox 3.6 before 3.6.2 does not properly handle concurrent authorization requests from multiple web sites, which might allow remote web servers to spoof an authorization dialog and capture credentials by demanding HTTP authentication in opportunistic circumstances.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mozilla Firefox异步HTTP授权提示信息泄露漏洞
Vulnerability Description
Mozilla Firefox是美国Mozilla基金会开发的一款开源Web浏览器。 Mozilla Firefox的异步授权提示的toolkit/components/passwordmgr/src/nsLoginManagerPrompter.js存在未明漏洞。由于没有正确的过滤当前用户从多个网页提交的请求,恶意网页可以诱骗用户打开到可信任服务的新标签页或弹出框,恶意网页的HTTP授权提示看起来为可信任网页的登录提示。
CVSS Information
N/A
Vulnerability Type
N/A