Описание
If a domain name contained a RTL character, it would cause the domain to be rendered to the right of the path. This could lead to user confusion and spoofing attacks.
This bug only affects Firefox for Android. Other operating systems are unaffected.
Note: Due to a clerical error this advisory was not included in the original announcement, and was added in Feburary 2022. This vulnerability affects Firefox < 92.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | Firefox for Android only |
| devel | not-affected | Firefox for Android only |
| esm-infra/focal | DNE | |
| focal | not-affected | Firefox for Android only |
| jammy | not-affected | Firefox for Android only |
| kinetic | not-affected | Firefox for Android only |
| trusty | ignored | end of standard support |
| upstream | not-affected | Firefox for Android only |
| xenial | ignored | end of standard support |
Показывать по
Ссылки на источники
EPSS
4.3 Medium
CVSS3
Связанные уязвимости
If a domain name contained a RTL character, it would cause the domain to be rendered to the right of the path. This could lead to user confusion and spoofing attacks. <br>*This bug only affects Firefox for Android. Other operating systems are unaffected.*<br>*Note*: Due to a clerical error this advisory was not included in the original announcement, and was added in Feburary 2022. This vulnerability affects Firefox < 92.
If a domain name contained a RTL character, it would cause the domain ...
If a domain name contained a RTL character, it would cause the domain to be rendered to the right of the path. This could lead to user confusion and spoofing attacks. <br>*This bug only affects Firefox for Android. Other operating systems are unaffected.*<br>*Note*: Due to a clerical error this advisory was not included in the original announcement, and was added in Feburary 2022. This vulnerability affects Firefox < 92.
EPSS
4.3 Medium
CVSS3