Описание
It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 96.0+build2-0ubuntu0.18.04.1 |
| devel | released | 96.0+build2-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | released | 96.0+build2-0ubuntu0.20.04.1 |
| hirsute | released | 96.0+build2-0ubuntu0.21.04.1 |
| impish | released | 96.0+build2-0ubuntu0.21.10.1 |
| jammy | released | 96.0+build2-0ubuntu1 |
| kinetic | released | 96.0+build2-0ubuntu1 |
| lunar | released | 96.0+build2-0ubuntu1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| devel | DNE | |
| esm-apps/bionic | ignored | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| hirsute | DNE | |
| impish | DNE | |
| jammy | DNE | |
| kinetic | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| devel | DNE | |
| esm-apps/focal | ignored | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/bionic | ignored | |
| focal | ignored | |
| hirsute | DNE | |
| impish | DNE | |
| jammy | DNE | |
| kinetic | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | ignored | |
| focal | ignored | |
| hirsute | DNE | |
| impish | DNE | |
| jammy | DNE | |
| kinetic | DNE | |
| lunar | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | DNE | |
| esm-apps/jammy | ignored | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| hirsute | ignored | end of life |
| impish | ignored | end of life |
| jammy | ignored | |
| kinetic | ignored | end of life, was needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 1:91.5.0+build1-0ubuntu0.18.04.1 |
| devel | released | 1:91.5.0+build1-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | released | 1:91.5.0+build1-0ubuntu0.20.04.1 |
| hirsute | ignored | end of life |
| impish | released | 1:91.5.0+build1-0ubuntu0.21.10.1 |
| jammy | released | 1:91.5.0+build1-0ubuntu1 |
| kinetic | released | 1:91.5.0+build1-0ubuntu1 |
| lunar | released | 1:91.5.0+build1-0ubuntu1 |
Показывать по
Ссылки на источники
EPSS
10 Critical
CVSS3
Связанные уязвимости
It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.
It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.
It was possible to construct specific XSLT markup that would be able t ...
It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.
Уязвимость изолированной среды iframe почтового клиента Thunderbird, браузеров Firefox и Firefox ESR, позволяющая нарушителю обойти изолированную программную среду iframe и выполнить произвольный код JavaScript в контексте произвольного окна
EPSS
10 Critical
CVSS3