PT-2026-24212 · Mozilla · Firefox
Jun Yang
·
Published
2026-03-10
·
Updated
2026-03-19
·
CVE-2026-3846
CVSS v2.0
7.8
High
| Vector | AV:N/AC:L/Au:N/C:N/I:C/A:N |
Name of the Vulnerable Software and Affected Versions
Firefox versions prior to 148.0.2
Description
A bypass of the same-origin policy exists in the CSS Parsing and Computation component. This allows potentially malicious actors to circumvent security restrictions designed to isolate web pages from each other.
Recommendations
Update Firefox to version 148.0.2 or later.
Fix
Origin Validation Error
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Firefox