Confirm
180
edits
Changes
no edit summary
;'''sec-critical''': Exploitable vulnerabilities which can lead to the widespread compromise of many users.
{| class="wikitable collapsible collapsed" style="width: 100%"
! ''sec-critical Examples:''
|-
;'''sec-high''': Obtain confidential data from other sites the user is visiting or the local machine, or inject data or code into those sites, requiring no more than normal browsing actions. Indefinite DoS of the user's system, requiring OS reinstallation or extensive cleanup. Exploitable web vulnerabilities that can lead to the targeted compromise of a small number of users.
{| class="wikitable collapsible collapsed" style="width: 100%"
! ''sec-high Examples:''
|-
;'''sec-moderate''': Vulnerabilities which can provide an attacker additional information or positioning that could be used in combination with other vulnerabilities. Disclosure of sensitive information that represents a violation of privacy but by itself does not expose the user or organization to immediate risk. The vulnerability combined with another moderate vulnerability could result in an attack of high or critical severity (aka stepping stone). Indefinite application Denial of Service (DoS) via corruption of state, requiring application re-installation or temporary DoS of the user's system, requiring reboot. The lack of standard defense in depth techniques and security controls.
{| class="wikitable collapsible collapsed" style="width: 100%"
! ''sec-moderate Examples:''
|-
;'''sec-low''': Minor security vulnerabilities such as leaks or spoofs of non-sensitive information. Missing best practice security controls
{| class="wikitable collapsible collapsed" style="width: 100%"
! ''sec-low Examples:''
|-
;'''sec-other''': Bugs that may not be exploitable security issues but are kept confidential to protect sensitive information. Bugs that contain sensitive information about the bug submitter or another user Bugs that are related to security issues currently unfixed in Mozilla products or other products
{| class="wikitable collapsible collapsed" style="width: 100%"
! ''sec-other Examples:''
|-
=== Shared Keywords ===
{| style="width: 800px;" class="wikitable collapsible collapsed fullwidth-table"
! Shared Keywords
|-
=== Group Keywords ===
{| style="width: 800px;" class="wikitable collapsible collapsed fullwidth-table"
! Group Keywords
|-
| Client Security (ie. Firefox, Thunderbird, etc)
|
{|class="wikitable collapsible collapsed fullwidth-table"
! csec-
|-
| Web Security (Web Sites, Web Services, etc)
|
{|class="wikitable collapsible collapsed fullwidth-table"
! wsec-
|-
| Operations Security (Mozilla owned & operated severs and services)
|
{|class="wikitable collapsible collapsed fullwidth-table"
! opsec-
|-
|}
=== Whiteboard Tags ===
{| style="width: 800px;" class="wikitable collapsible collapsed fullwidth-table"
! Whiteboard Tags
|-
|}
=== Feature Page Codes ===
{| style="width: 800px;" class="wikitable collapsible collapsed fullwidth-table"
! Feature Page Codes
|-
|}
=== Flags ===
{| style="width: 800px;" class="wikitable collapsible collapsed fullwidth-table"
! Flags
|-
|}
=== Priority Matrix===
{| class="wikitable collapsible collapsed" style="width: 100%"
! Priority Matrix (primarily OpSec)
|-
