Back to search
CVE-2021-43540
Published: Dec 8, 2021
Modified: Aug 4, 2024
PUBLISHED
Description
WebExtensions with the correct permissions were able to create and install ServiceWorkers for third-party websites that would not have been uninstalled with the extension. This vulnerability affects Firefox < 95.
| Vendor | Product | Versions |
|---|---|---|
Mozilla | Firefox | affected unspecified - < 95 |
References
https://www.mozilla.org/security/advisories/mfsa2021-52/
x_refsource_MISC
https://bugzilla.mozilla.org/show_bug.cgi?id=1636629
x_refsource_MISC
GLSA-202202-03
vendor-advisory
x_refsource_GENTOO
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now