Vulnerability Description
Use tables inside of an iframe, an attacker could have caused iframe contents to be rendered outside the boundaries of the iframe, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mozilla | Firefox | < 107.0 |
| Mozilla | Firefox Esr | < 102.5 |
| Mozilla | Thunderbird | < 102.5 |
Related Weaknesses (CWE)
References
- https://bugzilla.mozilla.org/show_bug.cgi?id=1792643Issue TrackingPermissions RequiredVendor Advisory
- https://www.mozilla.org/security/advisories/mfsa2022-47/Vendor Advisory
- https://www.mozilla.org/security/advisories/mfsa2022-48/Vendor Advisory
- https://www.mozilla.org/security/advisories/mfsa2022-49/Vendor Advisory
- https://bugzilla.mozilla.org/show_bug.cgi?id=1792643Issue TrackingPermissions RequiredVendor Advisory
- https://www.mozilla.org/security/advisories/mfsa2022-47/Vendor Advisory
- https://www.mozilla.org/security/advisories/mfsa2022-48/Vendor Advisory
- https://www.mozilla.org/security/advisories/mfsa2022-49/Vendor Advisory
FAQ
What is CVE-2022-45420?
CVE-2022-45420 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Use tables inside of an iframe, an attacker could have caused iframe contents to be rendered outside the boundaries of the iframe, resulting in potential user confusion or spoofing attacks. This vulne...
How severe is CVE-2022-45420?
CVE-2022-45420 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-45420?
Check the references section above for vendor advisories and patch information. Affected products include: Mozilla Firefox, Mozilla Firefox Esr, Mozilla Thunderbird.