Description |
- |
An incorrect parsing of template could result in Javascript injection in Firefox before 73.0. If a <template> tag was used in a <select%gt; tag, the parser could be confused and allow JavaScript parsing and execution when it should not be allowed. A site that relied on the browser behaving correctly could suffer a cross-site scripting vulnerability as a result. |
+ |
An incorrect parsing of template could result in Javascript injection in Firefox before 73.0 and Thunderbird before 68.5. If a <template> tag was used in a <select%gt; tag, the parser could be confused and allow JavaScript parsing and execution when it should not be allowed. A site that relied on the browser behaving correctly could suffer a cross-site scripting vulnerability as a result. |
|
In general, this flaw cannot be exploited through email in the Thunderbird product because scripting is disabled when reading mail, but is potentially a risk in browser or browser-like contexts. |
|