CVE-2022-1887SQL Injection in Mozilla Firefox FOR IOS

CWE-89SQL Injection5 documents5 sources
Severity
9.8CRITICALNVD
EPSS
0.6%
top 30.69%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Mozilla Firefox FOR IOSMozilla Firefox
Timeline
PublishedDec 22

Description

The search term could have been specified externally to trigger SQL injection. This vulnerability affects Firefox for iOS < 101.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

NVDmozilla/firefox< 101
CVEListV5mozilla/firefox_for_iosunspecified101

🔴Vulnerability Details

2
CVEList
CVE-2022-1887: The search term could have been specified externally to trigger SQL injection2022-12-22
GHSA
GHSA-3f36-r4c3-hh86: The search term could have been specified externally to trigger SQL injection2022-12-22

📋Vendor Advisories

2
Debian
CVE-2022-1887: firefox - The search term could have been specified externally to trigger SQL injection. T...2022
Mozilla
Mozilla Foundation Security Advisory 2022-23: CVE-2022-1887
CVE-2022-1887 — SQL Injection in Mozilla | cvebase