Unrated severityNVD Advisory· Published Dec 22, 2022· Updated Apr 16, 2025
CVE-2022-22757
CVE-2022-22757
Description
Remote Agent, used in WebDriver, did not validate the Host or Origin headers. This could have allowed websites to connect back locally to the user's browser to control it. *This bug only affected Firefox when WebDriver was enabled, which is not the default configuration.*. This vulnerability affects Firefox < 97.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4<97+ 1 more
- (no CPE)range: <97
- (no CPE)range: unspecified
- osv-coords2 versionspkg:rpm/opensuse/firefox-esr&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/MozillaFirefox&distro=openSUSE%20Tumbleweed
< 128.5.1-1.1+ 1 more
- (no CPE)range: < 128.5.1-1.1
- (no CPE)range: < 97.0-1.1
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.