← voltar
CVE-2020-26954

CVE-2020-26954

EPSS 0.6%
Vexday Risk Score
3Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS EPSS 0.6%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
09 dez 2020Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
When accepting a malicious intent from other installed apps, Firefox for Android accepted manifests from arbitrary file paths and allowed declaring webapp manifests for other origins. This could be used to gain fullscreen access for UI spoofing and could also lead to cross-origin attacks on targeted websites. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 83.
Produtos afetados
Mozilla · Firefox

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →