CVE-2020-26956 log

Severity Medium
Remote Yes
Type Cross-site scripting
A security issue has been found in Firefox before 83.0 where, in some cases, removing HTML elements during sanitization would keep existing SVG event handlers and therefore lead to XSS.
Group Package Affected Fixed Severity Status Ticket
AVG-1279 firefox 82.0.3-1 83.0-1 Critical Fixed
Date Advisory Group Package Severity Type
17 Nov 2020 ASA-202011-12 AVG-1279 firefox Critical multiple issues