Описание
Firefox's HTML parser did not correctly interpret HTML comment tags, resulting in an incongruity with other browsers. This could have been used to escape HTML comments on pages that put user-controlled data in them. This vulnerability affects Firefox < 101.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| firefox | fixed | 101.0-1 | package |
Примечания
https://www.mozilla.org/en-US/security/advisories/mfsa2022-20/#CVE-2022-31743
EPSS
Связанные уязвимости
Firefox's HTML parser did not correctly interpret HTML comment tags, resulting in an incongruity with other browsers. This could have been used to escape HTML comments on pages that put user-controlled data in them. This vulnerability affects Firefox < 101.
Firefox's HTML parser did not correctly interpret HTML comment tags, resulting in an incongruity with other browsers. This could have been used to escape HTML comments on pages that put user-controlled data in them. This vulnerability affects Firefox < 101.
Firefox's HTML parser did not correctly interpret HTML comment tags, resulting in an incongruity with other browsers. This could have been used to escape HTML comments on pages that put user-controlled data in them. This vulnerability affects Firefox < 101.
Уязвимость синтаксического анализатора HTML браузеров Firefox, позволяющая нарушителю проводить межсайтовые сценарные атаки
EPSS