CVE-2022-26384 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	High
Remote	Yes
Type	Unknown
Description	If an attacker could control the contents of an iframe sandboxed with allow-popups but not allow-scripts, they were able to craft a link that, when clicked, would lead to JavaScript execution in violation of the sandbox.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-2714	firefox	97.0.2-1	98.0-1	High	Fixed
AVG-2713	thunderbird	91.6.2-1	91.7.0-1	High	Fixed

References
https://bugzilla.mozilla.org/show_bug.cgi?id=1744352