Sensitive Full-Pathname Information Disclosure in Mozilla Firefox

Sensitive Full-Pathname Information Disclosure in Mozilla Firefox

CVE-2016-5279 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:N

Mozilla Firefox before 49.0 allows user-assisted remote attackers to obtain sensitive full-pathname information during a local-file drag-and-drop operation via crafted JavaScript code.

Learn more about our User Device Pen Test.