Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-duj8-zd4h-u7at
Vulnerability ID VCID-duj8-zd4h-u7at
Aliases CVE-2015-2745
Summary Security researcher Muneaki Nishimura reported an issue with Gaia's System app which allows an attacker to inject HTML code into the System app's context via specially-crafted search links. The injection occurs when the user opens such malicious link in the browser and then presses the HOME button or uses the Show Windows function.
Status Published
Exploitability None
Weighted Severity None
Risk None
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2015-2745
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2015-2745
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2015-2745
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2015-2745
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2015-2745
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2015-2745
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2015-2745
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2015-2745
epss 0.00322 https://api.first.org/data/v1/epss?cve=CVE-2015-2745
generic_textual high https://www.mozilla.org/en-US/security/advisories/mfsa2015-73
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2015-2745
CVE-2015-2745 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2745
mfsa2015-73 https://www.mozilla.org/en-US/security/advisories/mfsa2015-73
No exploits are available.
Exploit Prediction Scoring System (EPSS)
Percentile 0.55136
EPSS Score 0.00322
Published At April 1, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T13:18:24.628027+00:00 Mozilla Importer Import https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2015/mfsa2015-73.md 38.0.0