EPSS
Percentile
50.8%
firefox is vulnerable to same-origin policy bypass. An attacker who successfully installs a malicious extension on a user’s browser is able to perform credential-less same origin policy violations.
bugzilla.mozilla.org/show_bug.cgi?id=1692623
security-tracker.debian.org/tracker/CVE-2021-23986
security.gentoo.org/glsa/202104-10
www.mozilla.org/en-US/security/advisories/mfsa2021-10/#CVE-2021-23986
www.mozilla.org/security/advisories/mfsa2021-10/