---

CVE-2021-23999 - log back

CVE-2021-23999 edited at 19 Apr 2021 14:23:38
Description	- A security issue has been found in Firefox before version 88. If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System Principal and granted additional privileges that should not be granted to web content. + A security issue has been found in Firefox before version 88 and Thunderbird before version 78.10. If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System Principal and granted additional privileges that should not be granted to web content.
References	https://www.mozilla.org/en-US/security/advisories/mfsa2021-16/#CVE-2021-23999 + https://www.mozilla.org/en-US/security/advisories/mfsa2021-14/#CVE-2021-23999 https://bugzilla.mozilla.org/show_bug.cgi?id=1691153
Notes

CVE-2021-23999 edited at 19 Apr 2021 13:35:41
Severity	- Unknown + Medium
Remote	- Unknown + Remote
Type	- Unknown + Sandbox escape
Description	+ A security issue has been found in Firefox before version 88. If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System Principal and granted additional privileges that should not be granted to web content.
References	+ https://www.mozilla.org/en-US/security/advisories/mfsa2021-16/#CVE-2021-23999 + https://bugzilla.mozilla.org/show_bug.cgi?id=1691153

CVE-2021-23999 created at 19 Apr 2021 13:29:45