Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:34591
HistoryMar 10, 2022 - 4:23 a.m.

Remote Code Execution (RCE)

2022-03-1004:23:48
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
16
remote code execution
firefox
vulnerability
iframe
sandbox
access validation

EPSS

0.004

Percentile

74.6%

firefox is vulnerable to remote code execution. The vulnerability exists due to a lack of validation of access allowing and attacker to control the contents of an iframe sandboxed with allow-popups but not allow-scripts.