Endpoint Vulnerability

Elevation of privilege with chrome.tabs.update API in web extensions

Description

Security researcher Muneaki Nishimura (nishimunea) of Recruit Technologies Co., Ltd. reported that the chrome.tabs.update API for web extensions allows for navigation to javascript: URLs without additional permissions. This can used to elevate privilege for a universal cross-site scripting (XSS) attack by a malicious web extension. It can also be used to inject content into other extensions if they load content within browser tabs.

Affected Products

Firefox

References

CVE-2016-2817,