CVE-2026-8971
published 2026-05-19CVE-2026-8971: Same-origin policy bypass in the Networking: JAR component. This vulnerability was fixed in Firefox 151 and Thunderbird 151.
medium6.5CVSS 3.1
AVNACLPRNUINSUCLILAN
Same-origin policy bypass in the Networking: JAR component. This vulnerability was fixed in Firefox 151 and Thunderbird 151.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mozilla | firefox | < Firefox 151 | Firefox 151 |
| mozilla | firefox | < 151.0.0 | 151.0.0 |
| mozilla | thunderbird | < Thunderbird 151 | Thunderbird 151 |
| mozilla | thunderbird | < 151.0.0 | 151.0.0 |