Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
SVG's <code><use></code> element could have been used to load unexpected content that could have executed script in certain circumstances. While the specification seems to allow this, other browsers do not, and web developers relied on this property for script security so gecko's implementation was aligned with theirs. This vulnerability affects Firefox < 99.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mozilla Firefox 安全特征问题漏洞
Vulnerability Description
Mozilla Firefox是美国Mozilla基金会的一款开源Web浏览器。 Mozilla Firefox 92.0版本到98.0.2版本存在安全特征问题漏洞,该漏洞源于允许SVG的<use>元素加载意外内容并在某些情况下执行它的错误。远程攻击者可以绕过已实施的安全限制利用该漏洞在受害者的浏览器中执行任意JavaScript代码。
CVSS Information
N/A
Vulnerability Type
N/A