{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T10:06:11.703","vulnerabilities":[{"cve":{"id":"CVE-2017-5452","sourceIdentifier":"security@mozilla.org","published":"2018-06-11T21:29:06.657","lastModified":"2024-11-21T03:27:39.157","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Malicious sites can display a spoofed addressbar on a page when the existing location bar on the new page is scrolled out of view if an HTML editable page element is user selected. Note: This attack only affects Firefox for Android. Other operating systems are not affected. This vulnerability affects Firefox < 53."},{"lang":"es","value":"Los sitios maliciosos pueden mostrar una barra de direcciones suplantada en una página cuando la barra de direcciones existente en la nueva página se deja de ver al desplazarse si un elemento HTML editable de página es seleccionado por el usuario. Nota: este ataque solo afecta a Firefox para Android. Otros sistemas operativos no se han visto afectados. La vulnerabilidad afecta a Firefox en versiones anteriores a la 53."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","versionEndExcluding":"53.0","matchCriteriaId":"83FECC93-8DC3-41D0-8E53-45E1F4D53321"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/97940","source":"security@mozilla.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1038320","source":"security@mozilla.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1344517","source":"security@mozilla.org","tags":["Exploit","Issue Tracking","Patch","Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2017-10/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/97940","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1038320","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1344517","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Patch","Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2017-10/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}