Mozilla Firefox before 48.0 mishandles changes from 'INPUT type="password"' to 'INPUT type="text"' within a single Session Manager session, which might allow attackers to discover cleartext passwords by reading a session restoration file.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mozilla
Published: 2016-08-05T01:00:00
Updated: 2017-08-15T09:57:01
Reserved: 2016-06-03T00:00:00
Link: CVE-2016-5260
JSON object: View
NVD Information
Status : Modified
Published: 2016-08-05T01:59:16.033
Modified: 2017-08-16T01:29:09.210
Link: CVE-2016-5260
JSON object: View
Redhat Information
No data.
CWE