5.4
CVE-2026-12323
- EPSS 0.17%
- Veröffentlicht 16.06.2026 11:52:56
- Zuletzt bearbeitet 16.06.2026 20:42:26
- Quelle security@mozilla.org
- CVE-Watchlists
- Unerledigt
Spoofing issue in the DOM: Core & HTML component
Spoofing issue in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 152 and Thunderbird 152.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Mozilla ≫ Thunderbird SwEdition- Version < 152.0.0
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.17% | 0.064 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.4 | 2.8 | 2.5 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
|
CWE-1021 Improper Restriction of Rendered UI Layers or Frames
The web application does not restrict or incorrectly restricts frame objects or UI layers that belong to another application or domain.
https://www.mozilla.org/security/advisories/mfsa2026-57/
https://bugzilla.mozilla.org/show_bug.cgi?id=2035027
https://www.mozilla.org/security/advisories/mfsa2026-60/