---

CVE-2021-29971 - log back

CVE-2021-29971 created at 13 Jul 2021 15:30:47
Severity	+ High
Remote	+ Remote
Type	+ Access restriction bypass
Description	+ If a user had granted a permission to a webpage and saved that grant, any webpage running on the same host - irrespective of scheme or port - would be granted that permission. + + This bug only affects Firefox for Android. Other operating systems are unaffected.
References	+ https://www.mozilla.org/security/advisories/mfsa2021-28/ + https://bugzilla.mozilla.org/show_bug.cgi?id=1713638
Notes