Tuesday, March 2, 2021

Ubuntu: USN-4756-1 (CVE-2021-23972): Firefox vulnerabilities

Description
One phishing tactic on the web is to provide a link with HTTP Auth. For example 'https://[email protected]'. To mitigate this type of attack, Firefox will display a warning dialog; however, this warning dialog would not have been displayed if evil.com used a redirect that was cached by the browser. This vulnerability affects Firefox < 86.
Solution(s)
  • ubuntu-upgrade-firefox


  • References
  • USN-4756-1
  • CVE-2021-23972




  •  

    Copyright © 2020 Cyber Details - Vulnerability Database™

    Thanks for everything Templateism - You should have written the code a little more complicated