CVE-2020-26962 - log back

CVE-2020-26962 edited at 17 Nov 2020 18:27:45
Severity
- Unknown
+ Low
Remote
- Unknown
+ Remote
Type
- Unknown
+ Access restriction bypass
Description
+ A security issue has been found in Firefox before 83.0, where cross-origin iframes that contained a login form could have been recognized by the login autofill service, and populated. This could have been used in clickjacking attacks, as well as be read across partitions in dynamic first party isolation.
References
+ https://www.mozilla.org/en-US/security/advisories/mfsa2020-50/#CVE-2020-26962
+ https://bugzilla.mozilla.org/show_bug.cgi?id=610997
Notes
CVE-2020-26962 created at 17 Nov 2020 18:15:06