CVE-2022-31743

Sažetak

Firefox's HTML parser did not correctly interpret HTML comment tags, resulting in an incongruity with other browsers. This could have been used to escape HTML comments on pages that put user-controlled data in them. This vulnerability affects Firefox < 101.

Reference

https://bugzilla.mozilla.org/show_bug.cgi?id=1747388
https://www.mozilla.org/security/advisories/mfsa2022-20/
https://bugzilla.mozilla.org/show_bug.cgi?id=1747388
https://www.mozilla.org/security/advisories/mfsa2022-20/
https://bugzilla.mozilla.org/show_bug.cgi?id=1747388

CVSS

Base:	6.5
Impact:	3.6
Exploitability:	2.8

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	HIGH	NONE

CVSS vektor

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Zadnje važnije ažuriranje

15-04-2025 - 19:15

Objavljeno

22-12-2022 - 20:15