CVE-2020-26951Cross-site Scripting in Mozilla Firefox

CWE-79Cross-site ScriptingCWE-354Improper Validation of Integrity Check Value12 documents8 sources
Severity
6.1MEDIUMNVD
EPSS
0.4%
top 37.24%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Mozilla FirefoxMozilla Firefox ESRMozilla Thunderbird
Timeline
PublishedDec 9
Latest updateMay 24

Description

A parsing and event loading mismatch in Firefox's SVG code could have allowed load events to fire, even after sanitization. An attacker already capable of exploiting an XSS vulnerability in privileged internal pages could have used this attack to bypass our built-in sanitizer. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages7 packages

CVEListV5mozilla/firefox< 83
NVDmozilla/firefox< 83.0
CVEListV5mozilla/firefox_esr< 78.5
CVEListV5mozilla/thunderbird< 78.5

🔴Vulnerability Details

3
GHSA
GHSA-w7p8-wf2r-rw5h: A parsing and event loading mismatch in Firefox's SVG code could have allowed load events to fire, even after sanitization2022-05-24
CVEList
CVE-2020-26951: A parsing and event loading mismatch in Firefox's SVG code could have allowed load events to fire, even after sanitization2020-12-09
OSV
CVE-2020-26951: A parsing and event loading mismatch in Firefox's SVG code could have allowed load events to fire, even after sanitization2020-12-09

📋Vendor Advisories

8
Ubuntu
Thunderbird vulnerabilities2020-11-25
Ubuntu
Firefox vulnerabilities2020-11-19
Ubuntu
Firefox vulnerabilities2020-11-18
Red Hat
Mozilla: Parsing mismatches could confuse and bypass security sanitizer for chrome privileged code2020-11-17
Debian
CVE-2020-26951: firefox - A parsing and event loading mismatch in Firefox's SVG code could have allowed lo...2020
CVE-2020-26951 — Cross-site Scripting in Mozilla | cvebase