5 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-23986
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A malicious extension with the 'search' permission could have installed a new search engine whose favicon referenced a cross-origin URL. The response to this...
CVE-2021-23986
A malicious extension with the 'search' permission could have installed a new search engine whose favicon referenced a cross-origin URL. The response to this cross-origin request could have been read by the extension, allowing a same-origin policy bypass by the extension, which should not have...
CVE-2021-23986
CVE-2021-23986 concerns a vulnerability in Firefox prior to 87 where a malicious extension with the 'search' permission could install a new search engine whose favicon referenced a cross-origin URL. The extension could read the cross-origin response, bypassing same-origin policy, though the reque...
UBUNTU-CVE-2021-23986
A malicious extension with the 'search' permission could have installed a new search engine whose favicon referenced a cross-origin URL. The response to this cross-origin request could have been read by the extension, allowing a same-origin policy bypass by the extension, which should not have...
Mozilla Firefox < 87.0
"The version of Firefox installed on the remote macOS or Mac OS X host is prior to 87.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-10 advisory. - Mozilla developers Tyson Smith and Christian Holler reported memory safety bugs present in Firefox 86. Some ...