Medium severity6.1NVD Advisory· Published Jun 24, 2021· Updated Jun 17, 2026
CVE-2021-29953
CVE-2021-29953
Description
A malicious webpage could have forced a Firefox for Android user into executing attacker-controlled JavaScript in the context of another domain, resulting in a Universal Cross-Site Scripting vulnerability. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected. Further details are being temporarily withheld to allow users an opportunity to update.*. This vulnerability affects Firefox < 88.0.1 and Firefox for Android < 88.1.3.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4<88.0.1+ 1 more
- (no CPE)range: <88.0.1
- (no CPE)range: unspecified
<88.1.3+ 1 more
- (no CPE)range: <88.1.3
- (no CPE)range: unspecified
Patches
Vulnerability mechanics
References
2- bugzilla.mozilla.org/show_bug.cginvdPermissions RequiredVendor Advisory
- www.mozilla.org/security/advisories/mfsa2021-20/nvdRelease NotesVendor Advisory
News mentions
0No linked articles in our index yet.