CVE-2020-26967 log

Source
Severity Low
Remote Yes
Type Incorrect calculation
Description
A security issue has been found in Firefox before 83.0 where, when listening for page changes with a Mutation Observer, a malicious web page could confuse Firefox Screenshots into interacting with elements other than those that it injected into the page. This would lead to internal errors and unexpected behavior in the Screenshots code.
Group Package Affected Fixed Severity Status Ticket
AVG-1279 firefox 82.0.3-1 83.0-1 Critical Fixed
Date Advisory Group Package Severity Type
17 Nov 2020 ASA-202011-12 AVG-1279 firefox Critical multiple issues
References
https://www.mozilla.org/en-US/security/advisories/mfsa2020-50/#CVE-2020-26967
https://bugzilla.mozilla.org/show_bug.cgi?id=1665820