Mozilla Firefox CVE-2015-7195 Information Disclosure Vulnerability

description-logoDescription

Security researcher Frans Rosn reported that URLs with certain escaped characters in hostnames are parsed incorrectly. This leads to parsing being abandoned when an effected escaped character is encountered followed by a navigation to the previously parsed version of the URL. When combined with a site allowing for navigation redirection that allows for escaped characters, this could lead to potential extraction of site specific tokens.

affected-products-logoAffected Applications

Firefox

CVE References

CVE-2015-7195