PT-2021-7412 · Mozilla+1 · Firefox For Android+1

Hafiizh

Published

2021-11-02

Updated

2023-07-11

CVE-2021-43530

CVSS v2.0

6.4

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions Firefox for Android versions prior to 94

Description A Universal XSS issue exists due to improper sanitization when processing a URL scanned from a QR code, allowing a remote attacker to conduct a cross-site scripting (XSS) attack. This issue only affects Firefox for Android, with other operating systems being unaffected.

Recommendations For Firefox for Android versions prior to 94, update to version 94 or later to resolve the issue. As a temporary workaround, consider avoiding the use of QR code scanning in Firefox for Android until the update is applied.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

ALT-PU-2023-4336

ALT-PU-2023-4339

BDU:2022-06031

CVE-2021-43530

Affected Products

Alt Linux

Firefox For Android

PT-2021-7412 · Mozilla+1 · Firefox For Android+1

CVE-2021-43530

Weakness Enumeration

Related Identifiers

Affected Products

References · 7