Mozilla Firefox CVE-2015-7195 Information Disclosure Vulnerability
Description
Security researcher Frans Rosn reported that URLs with certain escaped characters in hostnames are parsed incorrectly. This leads to parsing being abandoned when an effected escaped character is encountered followed by a navigation to the previously parsed version of the URL. When combined with a site allowing for navigation redirection that allows for escaped characters, this could lead to potential extraction of site specific tokens.
Affected Applications
Firefox