
Jack Wrenn

#28843 of 53,633
8.8 Total CVSS
Vulnerabilities · 1
PT-2022-4951
8.8
2022-02-08
Mozilla · Firefox · CVE-2022-22755
**Name of the Vulnerable Software and Affected Versions**

Firefox versions prior to 97

**Description**

The issue is related to insufficient control of resources during the lifetime of XML document transformations, allowing a remote attacker to cause a denial of service, bypass security restrictions, access confidential information, or execute arbitrary JavaScript code using a specially crafted XML document. A malicious web server could serve a user an XSL document that would continue to execute JavaScript within the bounds of the same-origin policy even after the tab was closed.

**Recommendations**

For versions prior to 97, update to version 97 or later to resolve the issue. As a temporary workaround, consider restricting the use of XSL Transforms in Firefox until a patch is applied. Avoid using Firefox to access untrusted websites or XML documents from unknown sources until the issue is resolved.