CVE-2022-26384 log
Source |
|
Severity | High |
Remote | Yes |
Type | Unknown |
Description | If an attacker could control the contents of an iframe sandboxed with allow-popups but not allow-scripts, they were able to craft a link that, when clicked, would lead to JavaScript execution in violation of the sandbox. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-2714 | firefox | 97.0.2-1 | 98.0-1 | High | Fixed | |
AVG-2713 | thunderbird | 91.6.2-1 | 91.7.0-1 | High | Fixed |
References |
---|
https://bugzilla.mozilla.org/show_bug.cgi?id=1744352 |