Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:27187
HistorySep 21, 2020 - 6:40 a.m.

Cross-site Scripting (XSS)

2020-09-2106:40:39
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
22

EPSS

0.002

Percentile

64.5%

firefox is vulnerable to cross-site scripting (XSS). The vulnerability exists when pasting a <style> tag from the clipboard into a rich text editor, and the CSS sanitizer does not escape < and > characters, and when a webpage subsequently copies the node’s innerHTML, and assigns it to another innerHTML.

References