Search for vulnerabilities
Vulnerability ID | VCID-tsaz-z2hg-9bcw |
Aliases |
CVE-2016-1965
|
Summary | Security researcher Tsubasa Iinuma reported a mechanism where the displayed addressbar can be spoofed to users. This issue involves using history navigation in concert with the Location protocol property. After navigating from a malicious page to another, if the user navigates back to the initial page, the displayed URL will not reflect the reloaded page. This could be used to trick users into potentially treating the page as a different and trusted site. |
Status | Published |
Exploitability | 0.5 |
Weighted Severity | 0.0 |
Risk | None |
Affected and Fixed Packages | Package Details |
There are no known CWE. |
Reference id | Reference type | URL |
---|---|---|
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1965.json | ||
https://api.first.org/data/v1/epss?cve=CVE-2016-1965 | ||
1315775 | https://bugzilla.redhat.com/show_bug.cgi?id=1315775 | |
CVE-2016-1965 | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965 | |
mfsa2016-28 | https://www.mozilla.org/en-US/security/advisories/mfsa2016-28 | |
RHSA-2016:0373 | https://access.redhat.com/errata/RHSA-2016:0373 | |
USN-2917-1 | https://usn.ubuntu.com/2917-1/ |
Percentile | 0.62044 |
EPSS Score | 0.00435 |
Published At | Aug. 14, 2025, 12:55 p.m. |
Date | Actor | Action | Source | VulnerableCode Version |
---|---|---|---|---|
2025-07-31T08:10:15.992704+00:00 | Mozilla Importer | Import | https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2016/mfsa2016-28.md | 37.0.0 |