PT-2017-3676 · Mozilla+2 · Firefox+2
Jerry Decime · Published 2017-10-17 · Updated 2024-12-12
CVE-2018-5115
CVSS v3.1: 7.5 High
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions:
Mozilla Firefox versions prior to 58
Description:
The issue is related to an authentication error in Mozilla Firefox when handling HTTP requests. This can lead to user confusion about the origin of an authentication request, potentially causing users to send private credentials to a third-party site. The problem arises when an HTTP authentication prompt is triggered by a background network request and is displayed over the currently loaded page, making it difficult for users to identify the real domain making the request.
Recommendations:
For versions prior to 58, update to version 58 or later to resolve the issue. As a temporary workaround, treat HTTP authentication prompts with caution, especially if they appear over a foreground page, and verify the domain making the request before entering credentials, to avoid sending them to unauthorized sites.
Fix
Information Disclosure
Affected Products
Alt Linux
Firefox
Ubuntu