Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2021-38509 - log back

CVE-2021-38509 edited at 03 Nov 2021 16:45:46

Description

-	Due to an unusual sequence of attacker-controlled events, a Javascript alert() dialog with arbitrary (although unstyled) contents could be displayed over top an uncontrolled webpage of the attacker's choosing.
+	A security issue has been found in Firefox before version 94 and Thunderbird before version 91.3. Due to an unusual sequence of attacker-controlled events, a Javascript alert() dialog with arbitrary (although unstyled) contents could be displayed over top an uncontrolled webpage of the attacker's choosing.

References

	https://www.mozilla.org/security/advisories/mfsa2021-48/
+	https://www.mozilla.org/security/advisories/mfsa2021-50/
	https://bugzilla.mozilla.org/show_bug.cgi?id=1718571

CVE-2021-38509 created at 02 Nov 2021 13:16:46

Severity

+

Medium

Remote

+

Remote

Type

+	Content spoofing

Description

+	Due to an unusual sequence of attacker-controlled events, a Javascript alert() dialog with arbitrary (although unstyled) contents could be displayed over top an uncontrolled webpage of the attacker's choosing.

References

+	https://www.mozilla.org/security/advisories/mfsa2021-48/
+	https://bugzilla.mozilla.org/show_bug.cgi?id=1718571

Notes