Issue
The URL in the address bar can be spoofed when a new window or tab is opened by a malicious web page.
Impact to users
If a user visits a page hosting this malicious code, a new window or tab can be opened with a faked URL. There is no way of determining if the URL is authentic. This could result in the user disclosing confidential information to the malicious site, known as a phishing attack.
Status
This vulnerability is known to affect all current versions of Firefox. Mozilla is actively working on fixing this vulnerability. Users can mitigate this vulnerability by only sharing confidential information with websites that were opened from a bookmark, a trusted source, or by manually opening a new tab or window and entering a URL.
Credit
This issue was originally reported by Juan Pablo Lopez Yacubian.
LpSolit
wrote on
Buggie
wrote on
LpSolit
wrote on
Confused
wrote on
SOY
wrote on
Zack
wrote on
Confused
wrote on
AndrewM
wrote on
Douglas Haire
wrote on
Daniel Veditz
wrote on
Byron
wrote on
Daniel Veditz
wrote on
Greg R.
wrote on
Daniel Veditz
wrote on
Internet Protection
wrote on