Mozilla · Firefox · CVE-2017-5393
**Name of the Vulnerable Software and Affected Versions**
Firefox versions prior to 51
**Description**
The issue allows for the installation of extensions from the CDN for addons.mozilla.org, which is a publicly accessible site. This could potentially enable malicious extensions to install additional extensions from the CDN when combined with a cross-site scripting (XSS) attack on Mozilla AMO sites.
**Recommendations**
For versions prior to 51, update to version 51 or later to resolve the issue.