CVE

CVE-2016-5260

CVE-2016-5260

Mozilla Firefox before 48.0 mishandles changes from ‘INPUT type="password"’ to ‘INPUT type="text"’ within a single Session Manager session, which might allow attackers to discover cleartext passwords by reading a session restoration file.

Source: CVE-2016-5260

Exit mobile version