CVE-2022-34468

CVSS v3.1 8.8 (High)

EPSS 0.19 % (56^th)

Affected Products 3

Advisories 36

An iframe that was not permitted to run scripts could do so if the user clicked on a <code>javascript:</code> link. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.

Weaknesses

CWE-NVD-noinfo

CVE Status: PUBLISHED
CNA: Mozilla Corporation
Published Date: 2022-12-22 20:15:30
(21 months ago)
Updated Date: 2022-12-30 18:01:31
(20 months ago)

Affected Products

Mozilla

Firefox
Firefox Esr
Thunderbird

Configuration #1

	CPE23	Up To
Mozilla Firefox prior 102.0 version	cpe:2.3:a:mozilla:firefox	< 102.0
Mozilla Firefox Esr prior 91.11 version	cpe:2.3:a:mozilla:firefox_esr	< 91.11
Mozilla Thunderbird prior 91.11 version	cpe:2.3:a:mozilla:thunderbird	< 91.11