CVE-2020-26967

EPSS 0.28%
Published 09.12.2020 01:15:13
Last modified 21.11.2024 05:20:35
Source security@mozilla.org
Teams watchlist Login
Open Login

When listening for page changes with a Mutation Observer, a malicious web page could confuse Firefox Screenshots into interacting with elements other than those that it injected into the page. This would lead to internal errors and unexpected behavior in the Screenshots code. This vulnerability affects Firefox < 83.

Affected products Warnungen 0 Metrics 3 CWE 0 References 5

Data is provided by the National Vulnerability Database (NVD)

Mozilla ≫ Firefox Version < 83.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.28%	0.488

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.5	2.8	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:P/A:N

https://www.mozilla.org/security/advisories/mfsa2020-50/

Vendor Advisory

https://bugzilla.mozilla.org/show_bug.cgi?id=1665820

Vendor Advisory

Issue Tracking

Permissions Required

https://nvd.nist.gov/vuln/detail/CVE-2020-26967

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2020-26967

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2020-26967

EUVD