{
  "affected": [
    {
      "database_specific": {
        "unresolved_ranges": [
          {
            "events": [
              {
                "introduced": "0"
              },
              {
                "fixed": "53.0"
              }
            ]
          }
        ]
      }
    }
  ],
  "details": "When a \"javascript:\" URL is drag and dropped by a user into the addressbar, the URL will be processed and executed. This allows for users to be socially engineered to execute an XSS attack on themselves. This vulnerability affects Firefox \u003c 53.",
  "id": "CVE-2017-5458",
  "modified": "2026-03-13T21:56:56.588731790Z",
  "published": "2018-06-11T21:29:06.937Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "http://www.securityfocus.com/bid/97940"
    },
    {
      "type": "ADVISORY",
      "url": "http://www.securitytracker.com/id/1038320"
    },
    {
      "type": "ADVISORY",
      "url": "https://www.mozilla.org/security/advisories/mfsa2017-10/"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1229426"
    }
  ],
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}