CVE-2020-12391
CVSS v3.1
7.5 (High)
CVSS v2.0
5 (Medium)
EPSS
0.11 % (44th)
Affected Products
1
Advisories
4
Documents formed using data: URLs in an OBJECT element failed to inherit the CSP of the creating context. This allowed the execution of scripts that should have been blocked, albeit with a unique opaque origin. This vulnerability affects Firefox < 76.
Weaknesses
- CWE-863
- Incorrect Authorization
- CVE Status
- PUBLISHED
- CNA
- Mozilla Corporation
- Published Date
-
2020-05-26 18:15:11
(4 years ago) - Updated Date
-
2022-07-12 17:42:04
(2 years ago)
Affected Products
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...