CVE-2022-1802 PoC — 多款Mozilla产品代码注入漏洞

Source

https://github.com/mistymntncop/CVE-2022-1802

Associated Vulnerability

Title:多款Mozilla产品代码注入漏洞 (CVE-2022-1802)
Description:Mozilla Firefox和Mozilla Thunderbird都是美国Mozilla基金会的产品。Mozilla Firefox是一款开源Web浏览器。Mozilla Thunderbird是一套从Mozilla Application Suite独立出来的电子邮件客户端软件。该软件支持IMAP、POP邮件协议以及HTML邮件格式。 Mozilla Firefox, Firefox ESR, Firefox for Android, Thunderbird 存在代码注入漏洞，攻击者利用该漏洞可以诱

Readme

# CVE-2022-1802 + CVE-2022-1529 + CVE-2022-2200
Tested against Firefox 100.0.1 (Windows)
https://ftp.mozilla.org/pub/firefox/releases/100.0.1/win64/en-US/Firefox%20Setup%20100.0.1.exe

File Snapshot


 [4.0K]  /data/pocs/cb1878e8abe1e8b95fc3cd17fb6570472764883e
├── [  68]  1.mjs
├── [  50]  2.mjs
├── [ 329]  crash.html
├── [ 13K]  exploit.html
├── [9.9K]  exploit.js
└── [ 185]  README.md

0 directories, 6 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!