Lack of escaping allowed HTML injection when a webpage was viewed in Reader View. While a Content Security Policy prevents direct code execution, HTML injection is still possible. Note: This issue only affected Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox < 88.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Alpine | edge-community | noarch | firefox | < 88.0-r0 | UNKNOWN |
Alpine | 3.13-community | noarch | firefox | < 88.0-r0 | UNKNOWN |
Alpine | 3.14-community | noarch | firefox | < 88.0-r0 | UNKNOWN |
Alpine | 3.15-community | noarch | firefox | < 88.0-r0 | UNKNOWN |
Alpine | 3.16-community | noarch | firefox | < 88.0-r0 | UNKNOWN |
Alpine | 3.17-community | noarch | firefox | < 88.0-r0 | UNKNOWN |
Alpine | 3.18-community | noarch | firefox | < 88.0-r0 | UNKNOWN |
Alpine | 3.19-community | noarch | firefox | < 88.0-r0 | UNKNOWN |