CVE-2014-1529
CVSS v3.1
8.8 (High)
CVSS v2.0
9.3 (High)
EPSS
0.43 % (75th)
Affected Products
16
Advisories
10
The Web Notification API in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to bypass intended source-component restrictions and execute arbitrary JavaScript code in a privileged context via a crafted web page for which Notification.permission is granted.
Weaknesses
- CWE-269
- Improper Privilege Management
- CVE Status
- PUBLISHED
- CNA
- Mozilla Corporation
- Published Date
-
2014-04-30 10:49:04
(10 years ago) - Updated Date
-
2020-08-06 17:42:27
(4 years ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Configuration #3
|
Configuration #4
|
Configuration #5
|
Configuration #6
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...