A malicious webpage could have forced a Firefox for...
Moderate severity
Unreviewed
Published
May 24, 2022
to the GitHub Advisory Database
•
Updated Jan 29, 2023
Description
Published by the National Vulnerability Database
Jun 24, 2021
Published to the GitHub Advisory Database
May 24, 2022
Last updated
Jan 29, 2023
A malicious webpage could have forced a Firefox for Android user into executing attacker-controlled JavaScript in the context of another domain, resulting in a Universal Cross-Site Scripting vulnerability. Note: This issue only affected Firefox for Android. Other operating systems are unaffected. Further details are being temporarily withheld to allow users an opportunity to update.. This vulnerability affects Firefox < 88.0.1 and Firefox for Android < 88.1.3.
References