167 matches found
Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation
The Mozilla Foundation Security Advisory describes this flaw as: Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which could lead to website spoofing attacks...
Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation
The Mozilla Foundation Security Advisory describes this flaw as: Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which could lead to website spoofing attacks...
Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation
The Mozilla Foundation Security Advisory describes this flaw as: Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which could lead to website spoofing attacks...
Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation
The Mozilla Foundation Security Advisory describes this flaw as: Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which could lead to website spoofing attacks...
Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation
The Mozilla Foundation Security Advisory describes this flaw as: Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which could lead to website spoofing attacks...
Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation
The Mozilla Foundation Security Advisory describes this flaw as: Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which could lead to website spoofing attacks...
Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation
The Mozilla Foundation Security Advisory describes this flaw as: Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which could lead to website spoofing attacks...
USN-5816-1 firefox vulnerabilities
Niklas Baumstark discovered that a compromised web child process of Firefox could disable web security opening restrictions, leading to a new child process being spawned within the file:// context. An attacker could potentially exploits this to obtain sensitive information. CVE-2023-23597 Tom...
USN-5816-1: Firefox vulnerabilities
Niklas Baumstark discovered that a compromised web child process of Firefox could disable web security opening restrictions, leading to a new child process being spawned within the file:// context. An attacker could potentially exploits this to obtain sensitive information. CVE-2023-23597 Tom...
RHEL 9 : firefox (RHSA-2023:0286)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:0286 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...
SUSE SLES15: MozillaFirefox / MozillaFirefox-devel / etc (SUSE-SU-2023:0112-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0112-1 advisory. - Updated to version 102.7.0 ESR bsc1207119: - CVE-2022-46871: Updated an out of date library libusrsctp which contained several...
SUSE SLES12: MozillaFirefox / MozillaFirefox-devel / etc (SUSE-SU-2023:0111-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0111-1 advisory. - Updated to version 102.7.0 ESR bsc1207119: - CVE-2022-46871: Updated an out of date library libusrsctp which contained several...
CVE-2023-23601
Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which could lead to website spoofing attacks This vulnerability affects Firefox 109, Firefox ESR 102.7, and Thunderbird 102.7...
KLA20174 Multiple vulnerabilities in Mozilla Thunderbird
Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, spoof user interface. Below is a complete list of vulnerabilities: 1. Security bypass vulnerability in libusrsctp can be exploited...
Mozilla Firefox ESR < 102.7
The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 102.7. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-02 advisory. - Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 108 and...
CVE-2022-38473
A cross-origin iframe referencing an XSLT document would inherit the parent domain's permissions such as microphone or camera access. This vulnerability affects Thunderbird 102.2, Thunderbird 91.13, Firefox ESR 91.13, Firefox ESR 102.2, and Firefox 104...
CVE-2022-38473
A cross-origin iframe referencing an XSLT document would inherit the parent domain's permissions such as microphone or camera access. This vulnerability affects Thunderbird 102.2, Thunderbird 91.13, Firefox ESR 91.13, Firefox ESR 102.2, and Firefox 104...
DEBIAN-CVE-2022-38473
A cross-origin iframe referencing an XSLT document would inherit the parent domain's permissions such as microphone or camera access. This vulnerability affects Thunderbird 102.2, Thunderbird 91.13, Firefox ESR 91.13, Firefox ESR 102.2, and Firefox 104...
Cross site scripting
A cross-origin iframe referencing an XSLT document would inherit the parent domain's permissions such as microphone or camera access. This vulnerability affects Thunderbird 102.2, Thunderbird 91.13, Firefox ESR 91.13, Firefox ESR 102.2, and Firefox 104...
CVE-2022-38473
A cross-origin iframe referencing an XSLT document would inherit the parent domain's permissions such as microphone or camera access. This vulnerability affects Thunderbird 102.2, Thunderbird 91.13, Firefox ESR 91.13, Firefox ESR 102.2, and Firefox 104...