CVE-2022-26384
Mozilla: iframe allow-scripts sandbox bypass
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
If an attacker could control the contents of an iframe sandboxed with <code>allow-popups</code> but not <code>allow-scripts</code>, they were able to craft a link that, when clicked, would lead to JavaScript execution in violation of the sandbox. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7.
Si un atacante pudiera controlar el contenido de un iframe en un espacio aislado con <code>allow-popups</code> pero no con <code>allow-scripts</code>, podría crear un enlace que, al hacer clic, conduciría a Ejecución de JavaScript en violación de la sandbox. Esta vulnerabilidad afecta a Firefox < 98, Firefox ESR < 91,7 y Thunderbird < 91.7.
The Mozilla Foundation Security Advisory describes this flaw as:
If an attacker could control the contents of an iframe sandboxed with allow-popups but not allow-scripts, they were able to craft a link that, when clicked, would lead to JavaScript execution in violation of the sandbox.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-03-03 CVE Reserved
- 2022-03-11 CVE Published
- 2024-08-03 CVE Updated
- 2024-08-03 First Exploit
- 2024-09-10 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-179: Incorrect Behavior Order: Early Validation
CAPEC
References (6)
URL | Tag | Source |
---|
URL | Date | SRC |
---|---|---|
https://bugzilla.mozilla.org/show_bug.cgi?id=1744352 | 2024-08-03 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://www.mozilla.org/security/advisories/mfsa2022-10 | 2022-12-30 | |
https://www.mozilla.org/security/advisories/mfsa2022-11 | 2022-12-30 | |
https://www.mozilla.org/security/advisories/mfsa2022-12 | 2022-12-30 | |
https://access.redhat.com/security/cve/CVE-2022-26384 | 2022-03-14 | |
https://bugzilla.redhat.com/show_bug.cgi?id=2062221 | 2022-03-14 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | < 98.0 Search vendor "Mozilla" for product "Firefox" and version " < 98.0" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Esr Search vendor "Mozilla" for product "Firefox Esr" | < 91.7 Search vendor "Mozilla" for product "Firefox Esr" and version " < 91.7" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Thunderbird Search vendor "Mozilla" for product "Thunderbird" | < 91.7 Search vendor "Mozilla" for product "Thunderbird" and version " < 91.7" | - |
Affected
|