CVE-2022-32308

Name of the Vulnerable Software and Affected Versions uBlock Origin versions prior to 1.41.1

Description A Cross Site Scripting (XSS) issue allows remote attackers to run arbitrary code via a spoofed MessageSender.url to the browser renderer process. This enables attackers to execute malicious scripts, potentially leading to unauthorized actions on the affected system.

Recommendations For versions prior to 1.41.1, update to version 1.41.1 or later to resolve the issue. As a temporary workaround, consider restricting access to potentially vulnerable websites or disabling the uBlock Origin extension until the update is applied.