CVE-2020-26962
CVSS v3.1
6.1 (Medium)
CVSS v2.0
4.3 (Medium)
EPSS
0.08 % (37th)
Affected Products
1
Advisories
5
Cross-origin iframes that contained a login form could have been recognized by the login autofill service, and populated. This could have been used in clickjacking attacks, as well as be read across partitions in dynamic first party isolation. This vulnerability affects Firefox < 83.
Weaknesses
- CWE-1021
- Improper Restriction of Rendered UI Layers or Frames
- CVE Status
- PUBLISHED
- CNA
- Mozilla Corporation
- Published Date
-
2020-12-09 01:15:13
(3 years ago) - Updated Date
-
2020-12-10 17:36:12
(3 years ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...