CVE-2020-26962

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
09/12/2020
Last modified:
10/12/2020

Description

Cross-origin iframes that contained a login form could have been recognized by the login autofill service, and populated. This could have been used in clickjacking attacks, as well as be read across partitions in dynamic first party isolation. This vulnerability affects Firefox

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* 83.0 (excluding)