Non-persistent Denial of Service (DOS) Attack via about:crashcontent and about:crashparent Pages in Firefox < 64

Non-persistent Denial of Service (DOS) Attack via about:crashcontent and about:crashparent Pages in Firefox < 64

CVE-2018-18510 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:N/A:P

The about:crashcontent and about:crashparent pages can be triggered by web content. These pages are used to crash the loaded page or the browser for test purposes. This issue allows for a non-persistent denial of service (DOS) attack by a malicious site which links to these pages. This vulnerability affects Firefox < 64.

Learn more about our Web App Pen Testing.