CVE-2020-26958 log

Source
Severity Medium
Remote Yes
Type Access restriction bypass
Description
Firefox before 83.0 did not block execution of scripts with incorrect MIME types when the response was intercepted and cached through a ServiceWorker. This could lead to a cross-site script inclusion vulnerability, or a Content Security Policy bypass.
Group Package Affected Fixed Severity Status Ticket
AVG-1279 firefox 82.0.3-1 83.0-1 Critical Fixed
Date Advisory Group Package Severity Type
17 Nov 2020 ASA-202011-12 AVG-1279 firefox Critical multiple issues
References
https://www.mozilla.org/en-US/security/advisories/mfsa2020-50/#CVE-2020-26958
https://bugzilla.mozilla.org/show_bug.cgi?id=1669355