N/A

An attacker could have abused XSLT error handling to associate attacker-controlled content with another origin which was displayed in the address bar. This could have been used to fool the user into submitting data intended for the spoofed origin. This vulnerability affects Thunderbird < 102.2, Thunderbird < 91.13, Firefox ESR < 91.13, Firefox ESR < 102.2, and Firefox < 104.

N/A

N/A

Mozilla Firefox 访问控制错误漏洞

Mozilla Firefox是美国Mozilla基金会的一款开源Web浏览器。 Mozilla Firefox 104 之前版本存在安全漏洞，该漏洞源于攻击者滥用XSLT错误处理，将攻击者控制的内容与另一个来源相关联并显示在地址栏中。此问题可用于欺骗用户提交用于欺骗来源的数据。

N/A

N/A