Tuesday, March 2, 2021

Ubuntu: USN-4756-1 (CVE-2021-23974): Firefox vulnerabilities

Description
The DOMParser API did not properly process '<noscript>' elements for escaping. This could be used as an mXSS vector to bypass an HTML Sanitizer. This vulnerability affects Firefox < 86.
Solution(s)
  • ubuntu-upgrade-firefox


  • References
  • USN-4756-1
  • CVE-2021-23974




  •  

    Copyright © 2020 Cyber Details - Vulnerability Database™

    Thanks for everything Templateism - You should have written the code a little more complicated