Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2024-26283HistoryFeb 22, 2024 - 3:15 p.m.
CVE-2024-26283
2024-02-2215:15:08
Debian Security Bug Tracker
security-tracker.debian.org
16
javascript uri
external url
custom firefox scheme
vulnerability
ios
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
6.4
Confidence
Low
EPSS
0
Percentile
9.0%
An attacker could have executed unauthorized scripts on top origin sites using a JavaScript URI when opening an external URL with a custom Firefox scheme. This vulnerability affects Firefox for iOS < 123.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 999 | all | firefox | < 130.0.1-1 | firefox_130.0.1-1_all.deb |
Related
nvd
nvd
CVE-2024-26283
2024-02-22 15:15:08
prion
prion
Design/Logic Flaw
2024-02-22 15:15:00
vulnrichment
vulnrichment
CVE-2024-26283
2024-02-22 14:56:43
cve
cve
CVE-2024-26283
2024-02-22 15:15:08
cnvd
cnvd
Mozilla Firefox for iOS cross-site scripting vulnerability (CNVD-2024-12553)
2024-03-01 00:00:00
cvelist
cvelist
CVE-2024-26283
2024-02-22 14:56:43
mozilla
mozilla
Security Vulnerabilities fixed in Firefox for iOS 123 — Mozilla
2024-02-19 00:00:00
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
6.4
Confidence
Low
EPSS
0
Percentile
9.0%
Related for DEBIANCVE:CVE-2024-26283