Announced: January 24, 2017
Reporter: Jordi Chancel
Fixed in: Firefox 51
- Description :
Malicious sites can display a spoofed location bar on a subsequently loaded page when the existing location bar on the new page is scrolled out of view if navigations between pages can be timed correctly.
Note: This issue only affects Firefox for Android. Other operating systems are not affected.
Vulnerability demonstration (video):