CVE-2024-26281 — Cross-site Scripting in Mozilla

Vendor	Product	Version range	Fixed in
debian	firefox	—	—
mozilla	firefox	< 123.0	123.0
mozilla	firefox	—	—
mozilla	firefox_for_ios	>= unspecified < 123	123

Debian

CVE-2024-26281: firefox - Upon scanning a JavaScript URI with the QR code scanner, an attacker could have ...

vendor_debian·2024·CVSS 4.7

CVE-2024-26281 [MEDIUM] CVE-2024-26281: firefox - Upon scanning a JavaScript URI with the QR code scanner, an attacker could have ... Upon scanning a JavaScript URI with the QR code scanner, an attacker could have executed unauthorized scripts on the current top origin sites in the URL bar. This vulnerability affects Firefox for iOS < 123. Scope: local sid: resolved

Mozilla

Mozilla Foundation Security Advisory 2024-08: CVE-2024-26281

vendor_mozilla·CVSS 4.7

CVE-2024-26281 [MEDIUM] Mozilla Foundation Security Advisory 2024-08: CVE-2024-26281 Mozilla Foundation Security Advisory 2024-08 CVE: CVE-2024-26281 Product: Firefox for iOS Impact: moderate Fixed in: Firefox for iOS 123

GHSA

GHSA-7hw4-x97q-5wx2: Upon scanning a JavaScript URI with the QR code scanner, an attacker could have executed unauthorized scripts on the current top origin sites in the U

ghsa_unreviewed·2024-02-22

CVE-2024-26281 [MEDIUM] CWE-79 GHSA-7hw4-x97q-5wx2: Upon scanning a JavaScript URI with the QR code scanner, an attacker could have executed unauthorized scripts on the current top origin sites in the U Upon scanning a JavaScript URI with the QR code scanner, an attacker could have executed unauthorized scripts on the current top origin sites in the URL bar. This vulnerability affects Firefox for iOS < 123.

CVE-2024-26281: Upon scanning a JavaScript URI with the QR code scanner, an attacker could have executed unauthorized scripts on the current top origin sites in the URL bar…

Affected