2 matches found
CVE-2021-23976
When accepting a malicious intent from other installed apps, Firefox for Android accepted manifests from arbitrary file paths and allowed declaring webapp manifests for other origins. This could be used to gain fullscreen access for UI spoofing and could also lead to cross-origin attacks on...
CVE-2021-23976
The CVE-2021-23976 entry concerns Firefox for Android where accepting a malicious intent from other installed apps allowed manifests from arbitrary file paths and permitting declaring webapp manifests for other origins. This underlies potential fullscreen UI spoofing and cross-origin attacks on t...