Vulnerability identifier: #VU49015
Vulnerability risk: Medium
Exploitation vector: Network
Exploit availability: No
The vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to insufficient validation of user-supplied input within CSS Sanitizer. A remote attacker can create a specially crafted web page, trick the victim into visiting it, and bypass implemented security restrictions.
Install updates from vendor's website.
Vulnerable software versions
Mozilla Firefox: 60.0 - 83.0
Firefox ESR: 78.0 - 78.5.0, 68.0 - 68.12.0, 60.0 - 60.9.0
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?