Search for vulnerabilities
Vulnerability ID | VCID-rzxy-2ndy-wbes |
Aliases |
CVE-2016-1958
|
Summary | Security researcher Abdulrahman Alqabandi reported an issue where an attacker can load an arbitrary web page but the addressbar's displayed URL will be blank or filled with page defined content. This can be used to obfuscate which page is currently loaded and allows for an attacker to spoof an existing page without the malicious page's address being displayed correctly. |
Status | Published |
Exploitability | 0.5 |
Weighted Severity | 0.0 |
Risk | None |
Affected and Fixed Packages | Package Details |
There are no known CWE. |
Reference id | Reference type | URL |
---|---|---|
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1958.json | ||
https://api.first.org/data/v1/epss?cve=CVE-2016-1958 | ||
1315574 | https://bugzilla.redhat.com/show_bug.cgi?id=1315574 | |
CVE-2016-1958 | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958 | |
mfsa2016-21 | https://www.mozilla.org/en-US/security/advisories/mfsa2016-21 | |
RHSA-2016:0373 | https://access.redhat.com/errata/RHSA-2016:0373 | |
USN-2917-1 | https://usn.ubuntu.com/2917-1/ |
Percentile | 0.66549 |
EPSS Score | 0.00538 |
Published At | July 30, 2025, 12:55 p.m. |
Date | Actor | Action | Source | VulnerableCode Version |
---|---|---|---|---|
2025-07-31T08:10:14.159425+00:00 | Mozilla Importer | Import | https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2016/mfsa2016-21.md | 37.0.0 |