← volver
CVE-2021-29965

CVE-2021-29965

EPSS 0.7%
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS EPSS 0.7%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
24 jun 2021Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
A malicious website that causes an HTTP Authentication dialog to be spawned could trick the built-in password manager to suggest passwords for the currently active website instead of the website that triggered the dialog. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 89.
Productos afectados
Mozilla · Firefox

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://bugzilla.mozilla.org/show_bug.cgi?id=1709257https://www.mozilla.org/security/advisories/mfsa2021-23/