CVE-2021-4140XML Injection (aka Blind XPath Injection) in Mozilla Firefox

CWE-91XML Injection (aka Blind XPath Injection)CWE-1021UI Misrepresentation / Clickjacking13 documents8 sources
Severity
10.0CRITICALNVD
OSV8.8
EPSS
0.1%
top 80.11%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Mozilla FirefoxMozilla Firefox ESRMozilla Thunderbird
Timeline
PublishedDec 22

Description

It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:HExploitability: 3.9 | Impact: 6.0

Affected Packages8 packages

CVEListV5mozilla/firefoxunspecified96
NVDmozilla/firefox< 96.0
CVEListV5mozilla/firefox_esrunspecified91.5
CVEListV5mozilla/thunderbirdunspecified91.5

Patches

Patch: bugzilla.mozilla.orgPatch: bugzilla.mozilla.org

🔴Vulnerability Details

4
CVEList
CVE-2021-4140: It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox2022-12-22
OSV
CVE-2021-4140: It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox2022-12-22
GHSA
GHSA-h5mr-xp97-c4p5: It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox2022-12-22
OSV
thunderbird vulnerabilities2022-01-21

📋Vendor Advisories

8
Ubuntu
Thunderbird vulnerabilities2022-01-21
Ubuntu
Thunderbird vulnerabilities2022-01-21
Ubuntu
Firefox vulnerabilities2022-01-13
Red Hat
Mozilla: Iframe sandbox bypass with XSLT2022-01-11
Debian
CVE-2021-4140: firefox - It was possible to construct specific XSLT markup that would be able to bypass a...2021
CVE-2021-4140 — Mozilla Firefox vulnerability | cvebase