CVE-2021-38492
- Reference to the description:
- Description:
- When delegating navigations to the operating system, Firefox would accept the `mk` scheme which might allow attackers to launch pages and execute scripts in Internet Explorer in unprivileged mode. *This bug only affects Firefox for Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 92, Thunderbird < 91.1, Thunderbird < 78.14, Firefox ESR < 78.14, and Firefox ESR < 91.1.
- Last updated date:
- 12/09/2022
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 12/09/2022
- Reference url to background