Описание
The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing scripts or navigating the top-level frame. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3.
Релиз | Статус | Примечание |
---|---|---|
bionic | released | 94.0+build3-0ubuntu0.18.04.1 |
devel | released | 94.0+build3-0ubuntu1 |
esm-infra-legacy/trusty | DNE | |
esm-infra/focal | DNE | |
focal | released | 94.0+build3-0ubuntu0.20.04.1 |
hirsute | released | 94.0+build3-0ubuntu0.21.04.1 |
impish | released | 94.0+build3-0ubuntu0.21.10.1 |
jammy | released | 94.0+build3-0ubuntu1 |
kinetic | released | 94.0+build3-0ubuntu1 |
lunar | released | 94.0+build3-0ubuntu1 |
Показывать по
Релиз | Статус | Примечание |
---|---|---|
bionic | ignored | end of standard support, was needs-triage |
devel | DNE | |
esm-apps/bionic | ignored | |
esm-infra-legacy/trusty | DNE | |
esm-infra/focal | DNE | |
focal | DNE | |
hirsute | DNE | |
impish | DNE | |
jammy | DNE | |
kinetic | DNE |
Показывать по
Релиз | Статус | Примечание |
---|---|---|
bionic | ignored | end of standard support, was needs-triage |
devel | DNE | |
esm-apps/focal | ignored | |
esm-infra-legacy/trusty | DNE | |
esm-infra/bionic | ignored | |
focal | ignored | |
hirsute | DNE | |
impish | DNE | |
jammy | DNE | |
kinetic | DNE |
Показывать по
Релиз | Статус | Примечание |
---|---|---|
bionic | DNE | |
devel | DNE | |
esm-infra-legacy/trusty | DNE | |
esm-infra/focal | ignored | |
focal | ignored | |
hirsute | DNE | |
impish | DNE | |
jammy | DNE | |
kinetic | DNE | |
lunar | DNE |
Показывать по
Релиз | Статус | Примечание |
---|---|---|
bionic | DNE | |
devel | DNE | |
esm-apps/jammy | ignored | |
esm-infra-legacy/trusty | DNE | |
esm-infra/focal | DNE | |
focal | DNE | |
hirsute | ignored | end of life |
impish | ignored | end of life |
jammy | ignored | |
kinetic | ignored | end of life, was needs-triage |
Показывать по
Релиз | Статус | Примечание |
---|---|---|
bionic | released | 1:91.5.0+build1-0ubuntu0.18.04.1 |
devel | released | 1:91.3.1+build1-0ubuntu1 |
esm-infra-legacy/trusty | DNE | |
esm-infra/focal | DNE | |
focal | released | 1:91.5.0+build1-0ubuntu0.20.04.1 |
hirsute | ignored | end of life |
impish | released | 1:91.3.1+build1-0ubuntu0.21.10.1 |
jammy | released | 1:91.3.1+build1-0ubuntu1 |
kinetic | released | 1:91.3.1+build1-0ubuntu1 |
lunar | released | 1:91.3.1+build1-0ubuntu1 |
Показывать по
Ссылки на источники
EPSS
7.5 High
CVSS2
10 Critical
CVSS3
Связанные уязвимости
The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing scripts or navigating the top-level frame. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3.
The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing scripts or navigating the top-level frame. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3.
The iframe sandbox rules were not correctly applied to XSLT stylesheet ...
The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing scripts or navigating the top-level frame. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3.
Уязвимость браузера Mozilla Firefox, связанная с ошибками в настройках безопасности, позволяющая нарушителю обойти существующие ограничения безопасности
EPSS
7.5 High
CVSS2
10 Critical
CVSS3