CVE-2021-38497

Through use of reportValidity() and window.open(), a plain-text validation message could have been overlaid on another origin, leading to possible user confusion and spoofing attacks. This vulnerability affects Firefox < 93, Thunderbird < 91.2, and Firefox ESR < 91.2.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*

Information

Published : 2021-11-02 18:15

Updated : 2021-11-04 13:31


NVD link : CVE-2021-38497

Mitre link : CVE-2021-38497


JSON object : View

CWE
CWE-346

Origin Validation Error

Advertisement

dedicated server usa

Products Affected

mozilla

  • firefox
  • firefox_esr
  • thunderbird