An iframe that was not permitted to run scripts could do so if the user clicked on a <code>javascript:</code> link. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.
CPE | Name | Operator | Version |
---|---|---|---|
firefox | lt | 102.0 | |
firefox_esr | lt | 91.11 | |
thunderbird | lt | 91.11 |