CVE-2020-15676 log

Severity Medium
Remote No
Type Cross-site scripting
Firefox before 81.0 sometimes ran the onload handler for SVG elements that the DOM sanitizer decided to remove, resulting in JavaScript being executed after pasting attacker-controlled data into a content-editable element.
Group Package Affected Fixed Severity Status Ticket
AVG-1235 firefox 80.0.1-1 81.0-1 High Fixed
Date Advisory Group Package Severity Type
23 Sep 2020 ASA-202009-10 AVG-1235 firefox High multiple issues