CVE-2022-45420 — UI Misrepresentation / Clickjacking in Mozilla Firefox
Severity
6.5MEDIUMNVD
OSV8.1
EPSS
0.1%
top 66.00%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedDec 22
Latest updateFeb 6
Description
Use tables inside of an iframe, an attacker could have caused iframe contents to be rendered outside the boundaries of the iframe, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:NExploitability: 2.8 | Impact: 3.6
Affected Packages9 packages
🔴Vulnerability Details
5CVEList▶
CVE-2022-45420: Use tables inside of an iframe, an attacker could have caused iframe contents to be rendered outside the boundaries of the iframe, resulting in potent↗2022-12-22
GHSA▶
GHSA-6pf3-q3cx-w87c: Use tables inside of an iframe, an attacker could have caused iframe contents to be rendered outside the boundaries of the iframe, resulting in potent↗2022-12-22
OSV▶
CVE-2022-45420: Use tables inside of an iframe, an attacker could have caused iframe contents to be rendered outside the boundaries of the iframe, resulting in potent↗2022-12-22
📋Vendor Advisories
7Debian▶
CVE-2022-45420: firefox - Use tables inside of an iframe, an attacker could have caused iframe contents to...↗2022