Unrated severityNVD Advisory· Published Dec 9, 2020· Updated Aug 4, 2024
CVE-2020-26962
CVE-2020-26962
Description
Cross-origin iframes that contained a login form could have been recognized by the login autofill service, and populated. This could have been used in clickjacking attacks, as well as be read across partitions in dynamic first party isolation. This vulnerability affects Firefox < 83.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4< 83+ 1 more
- (no CPE)range: < 83
- (no CPE)range: < 83
- osv-coords2 versionspkg:rpm/opensuse/firefox-esr&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/MozillaFirefox&distro=openSUSE%20Tumbleweed
< 128.5.1-1.1+ 1 more
- (no CPE)range: < 128.5.1-1.1
- (no CPE)range: < 92.0-1.2
Patches
Vulnerability mechanics
References
2- bugzilla.mozilla.org/show_bug.cgimitrex_refsource_MISC
- www.mozilla.org/security/advisories/mfsa2020-50/mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.