Lucene search
K

5 matches found

Debian CVE
Debian CVE
added 2020/12/09 12:19 a.m.60 views

CVE-2020-26951

A parsing and event loading mismatch in Firefox's SVG code could have allowed load events to fire, even after sanitization. An attacker already capable of exploiting an XSS vulnerability in privileged internal pages could have used this attack to bypass our built-in sanitizer. This vulnerability...

6.1CVSS7.8AI score0.01038EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2020/11/30 8:27 p.m.4 views

Mozilla: Parsing mismatches could confuse and bypass security sanitizer for chrome privileged code

A parsing and event loading mismatch in Firefox's SVG code could have allowed load events to fire, even after sanitization. An attacker already capable of exploiting an XSS vulnerability in privileged internal pages could have used this attack to bypass our built-in sanitizer. This vulnerability...

6.1CVSS7.4AI score0.01038EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/11/30 8:37 a.m.1 views

Mozilla: Parsing mismatches could confuse and bypass security sanitizer for chrome privileged code

A parsing and event loading mismatch in Firefox's SVG code could have allowed load events to fire, even after sanitization. An attacker already capable of exploiting an XSS vulnerability in privileged internal pages could have used this attack to bypass our built-in sanitizer. This vulnerability...

6.1CVSS7.4AI score0.01038EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2020/11/18 1:8 a.m.41 views

CVE-2020-26951

A parsing and event loading mismatch in Firefox's SVG code could have allowed load events to fire, even after sanitization. An attacker already capable of exploiting an XSS vulnerability in privileged internal pages could have used this attack to bypass our built-in sanitizer. This vulnerability...

6.1CVSS4.5AI score0.01038EPSS
Exploits0References4
CNVD
CNVD
added 2020/11/18 12:0 a.m.2 views

Mozilla Firefox Cross-Site Scripting Vulnerability (CNVD-2020-65141)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. FireFox suffers from a cross-site scripting vulnerability that stems from a mismatch between parsing and event loading in SVG code that could result in a load event being triggered, even after being...

6.1CVSS7.9AI score0.01038EPSS
Exploits0References1
Rows per page
Query Builder