{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-27T01:14:10.921","vulnerabilities":[{"cve":{"id":"CVE-2017-5453","sourceIdentifier":"security@mozilla.org","published":"2018-06-11T21:29:06.703","lastModified":"2024-11-21T03:27:39.283","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A mechanism to inject static HTML into the RSS reader preview page due to a failure to escape characters sent as URL parameters for a feed's \"TITLE\" element. This vulnerability allows for spoofing but no scripted content can be run. This vulnerability affects Firefox < 53."},{"lang":"es","value":"Mecanismo para inyectar HTML estático en la página de previsualización del lector RSS debido a un error a la hora de escapar caracteres enviados como parámetros de URL para un elemento \"TITLE\" de un feed. Esta vulnerabilidad permite la suplantación, pero no se puede ejecutar el contenido que no esté en script. La vulnerabilidad afecta a Firefox en versiones anteriores a la 53."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","versionEndExcluding":"53.0","matchCriteriaId":"83FECC93-8DC3-41D0-8E53-45E1F4D53321"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/97940","source":"security@mozilla.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1038320","source":"security@mozilla.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1321247","source":"security@mozilla.org","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2017-10/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/97940","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1038320","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1321247","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2017-10/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}