CVE-2024-26282
published 2024-02-22CVE-2024-26282: Using an AMP url with a canonical element, an attacker could have executed JavaScript from an opened bookmarked page. This vulnerability affects Firefox for…
high7.1CVSS 3.1
AVNACLPRNUIRSUCLIHAN
Using an AMP url with a canonical element, an attacker could have executed JavaScript from an opened bookmarked page. This vulnerability affects Firefox for iOS < 123.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | firefox | — | — |
| mozilla | firefox | < 123.0 | 123.0 |
| mozilla | firefox | — | — |
| mozilla | firefox_for_ios | >= unspecified < 123 | 123 |
Debian
CVE-2024-26282: firefox - Using an AMP url with a canonical element, an attacker could have executed JavaS...
vendor_debian·2024·CVSS 7.1
CVE-2024-26282 [HIGH] CVE-2024-26282: firefox - Using an AMP url with a canonical element, an attacker could have executed JavaS...
Using an AMP url with a canonical element, an attacker could have executed JavaScript from an opened bookmarked page. This vulnerability affects Firefox for iOS < 123.
Scope: local
sid: resolved
Mozilla
Mozilla Foundation Security Advisory 2024-08: CVE-2024-26282
vendor_mozilla·CVSS 7.1
CVE-2024-26282 [HIGH] Mozilla Foundation Security Advisory 2024-08: CVE-2024-26282
Mozilla Foundation Security Advisory 2024-08
CVE: CVE-2024-26282
Product: Firefox for iOS
Impact: moderate
Fixed in: Firefox for iOS 123
GHSA
GHSA-g386-c6xv-h62r: Using an AMP url with a canonical element, an attacker could have executed JavaScript from an opened bookmarked page
ghsa_unreviewed·2024-02-22
CVE-2024-26282 [HIGH] CWE-80 GHSA-g386-c6xv-h62r: Using an AMP url with a canonical element, an attacker could have executed JavaScript from an opened bookmarked page
Using an AMP url with a canonical element, an attacker could have executed JavaScript from an opened bookmarked page. This vulnerability affects Firefox for iOS < 123.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2024-02-22
Published