CVE-2021-38492 log

Severity Medium
Remote Yes
Type Arbitrary command execution
When delegating navigations to the operating system, Firefox before version 91.1 and Thunderbird before version 78.14 would accept the `mk` scheme which might allow attackers to launch pages and execute scripts in Internet Explorer in unprivileged mode.

This bug only affects Firefox for Windows. Other operating systems are unaffected.
Group Package Affected Fixed Severity Status Ticket
AVG-2353 thunderbird 78.13.0-1 78.14.0-1 Medium Not affected
AVG-2351 firefox 91.0.2-1 92.0-1 Medium Not affected