Описание
Password autofill was enabled without user interaction on insecure websites on Firefox for Android. This was corrected to require user interaction with the page before a user's password would be entered by the browser's autofill functionality This bug only affects Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox < 90.
Ссылки
- Issue TrackingPermissions Required
- Vendor Advisory
- Issue TrackingPermissions Required
- Vendor Advisory
Уязвимые конфигурации
EPSS
8.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
Связанные уязвимости
Password autofill was enabled without user interaction on insecure websites on Firefox for Android. This was corrected to require user interaction with the page before a user's password would be entered by the browser's autofill functionality *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 90.
Password autofill was enabled without user interaction on insecure web ...
Password autofill was enabled without user interaction on insecure websites on Firefox for Android. This was corrected to require user interaction with the page before a user's password would be entered by the browser's autofill functionality *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 90.
Уязвимость функции автозаполнения пароля браузера Mozilla Firefox для Android, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
EPSS
8.8 High
CVSS3
6.8 Medium
CVSS2