CVE-2021-38492
CVSS v3.1
6.5 (Medium)
CVSS v2.0
4.3 (Medium)
EPSS
0.31 % (70th)
Affected Products
4
Advisories
18
When delegating navigations to the operating system, Firefox would accept the mk
scheme which might allow attackers to launch pages and execute scripts in Internet Explorer in unprivileged mode. This bug only affects Firefox for Windows. Other operating systems are unaffected.. This vulnerability affects Firefox < 92, Thunderbird < 91.1, Thunderbird < 78.14, Firefox ESR < 78.14, and Firefox ESR < 91.1.
Weaknesses
- CVE Status
- PUBLISHED
- CNA
- Mozilla Corporation
- Published Date
-
2021-11-03 01:15:07
(2 years ago) - Updated Date
-
2022-12-09 19:19:12
(21 months ago)
Affected Products
Loading...
Loading...
Configuration #1
AND |
|
---|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...