Manually dragging and dropping an Outlook email message into the browser will trigger a page navigation when the messages mail columns are incorrectly interpreted as a URL. Note: this issue only affects Windows operating systems with Outlook installed. Other operating systems are not affected.. This vulnerability affects Firefox ESR < 60.2 and Firefox < 62.
The product uses an externally controlled name or reference that resolves to a resource that is outside of the intended control sphere.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Firefox | Mozilla | * | 62.0 (excluding) |
Firefox_esr | Mozilla | * | 60.2.0 (excluding) |
Firefox | Ubuntu | upstream | * |