0.002 Low
EPSS
Percentile
55.4%
firefox is vulnerable to remote code execution. The vulnerability exists due to a lack of validation of the boundaries of same-origin policy, allowing an attacker to use XSL transform to serve a user an XSL with maliciously crafted javascript.
bugzilla.mozilla.org/show_bug.cgi?id=1309630
security-tracker.debian.org/tracker/CVE-2022-22755
www.mozilla.org/security/advisories/mfsa2022-04/