A `<dialog>` element could have been manipulated to paint content outside of a sandboxed iframe. This could allow untrusted content to display under the guise of trusted content. This vulnerability affects Firefox < 121.
Un elemento `<dialog>` podría haber sido manipulado para pintar contenido fuera de un iframe en la sandbox. Esto podría permitir que se muestre contenido que no es de confianza bajo la apariencia de contenido confiable. Esta vulnerabilidad afecta a Firefox < 121.
Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. DoHyun Lee discovered that Firefox did not properly manage memory when used on systems with the Mesa VM driver. An attacker could potentially exploit this issue to execute arbitrary code.
