Lucene search
MozillaCVELIST:CVE-2022-22758HistoryDec 22, 2022 - 12:00 a.m.
CVE-2022-22758
2022-12-2200:00:00
mozilla
www.cve.org
firefox for android
tel link
ussd codes
cross-site request forgery
vulnerability
When clicking on a tel: link, USSD codes, specified after a <code>*</code> character, would be included in the phone number. On certain phones, or on certain carriers, if the number was dialed this could perform actions on a user’s account, similar to a cross-site request forgery attack.<br>This bug only affects Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox < 97.
CNA Affected
[
{
"vendor": "Mozilla",
"product": "Firefox",
"versions": [
{
"version": "unspecified",
"lessThan": "97",
"status": "affected",
"versionType": "custom"
}
]
}
]Related
veracode
veracode
Denial Of Service (DoS)
2022-02-14 09:43:10
prion
prion
Cross site request forgery (csrf)
2022-12-22 20:15:00
nvd
nvd
CVE-2022-22758
2022-12-22 20:15:19
ubuntucve
ubuntucve
CVE-2022-22758
2022-12-22 00:00:00
cve
cve
CVE-2022-22758
2022-12-22 20:15:19
alpinelinux
alpinelinux
CVE-2022-22758
2022-12-22 20:15:19
debiancve
debiancve
CVE-2022-22758
2022-12-22 20:15:19
nessus
nessus
Mozilla Firefox < 97.0
2022-02-08 00:00:00
Mozilla Firefox < 97.0
2022-02-08 00:00:00
GLSA-202202-03 : Mozilla Firefox: Multiple vulnerabilities
2022-03-17 00:00:00
mozilla
mozilla
Security Vulnerabilities fixed in Firefox 97 — Mozilla
2022-02-08 00:00:00
kaspersky
kaspersky
KLA12448 Multiple vulnerabilities in Mozilla Firefox
2022-02-08 00:00:00
gentoo
gentoo
Mozilla Firefox: Multiple vulnerabilities
2022-02-21 00:00:00