EPSS
Percentile
66.0%
firefox is vulnerable to cross-site scripting (XSS). The vulnerability exists as the CSS Sanitizer can incorrectly remove components, resulting in a sanitizer bypass.
CSS Sanitizer
bugzilla.mozilla.org/show_bug.cgi?id=1680084
git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2020-26973
www.mozilla.org/security/advisories/mfsa2020-54/
www.mozilla.org/security/advisories/mfsa2020-55/
www.mozilla.org/security/advisories/mfsa2020-56/