CVE-2021-29944 - log back

CVE-2021-29944 edited at 19 Apr 2021 14:13:41
Severity
- Unknown
+ Low
Remote
- Unknown
+ Remote
Type
- Unknown
+ Content spoofing
Description
+ A security issue has been found in Firefox before version 88. Lack of escaping allowed HTML injection when a webpage was viewed in Reader View. While a Content Security Policy prevents direct code execution, HTML injection is still possible.
+
+ Note: This issue only affected Firefox for Android. Other operating systems are unaffected.
References
+ https://www.mozilla.org/en-US/security/advisories/mfsa2021-16/#CVE-2021-29944
+ https://bugzilla.mozilla.org/show_bug.cgi?id=1697604
CVE-2021-29944 created at 19 Apr 2021 13:29:45