CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
Low
[email protected] reports:
Firefox adds web-compatibility shims in place of some
tracking scripts blocked by Enhanced Tracking Protection.
On a site protected by Content Security Policy in
“strict-dynamic” mode, an attacker able to
inject an HTML element could have used a DOM
Clobbering attack on some of the shims and achieved XSS,
bypassing the CSP strict-dynamic protection.
Form validation popups could capture escape key presses.
Therefore, spamming form validation messages could be used
to prevent users from exiting full-screen mode.
When almost out-of-memory an elliptic curve key which
was never allocated could have been freed again.
It was possible to move the cursor using pointerlock
from an iframe. This allowed moving the cursor outside
of the viewport and the Firefox window.
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
Low