QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2022-22760

Back to search

CVE-2022-22760

Published: Dec 22, 2022

Modified: Apr 16, 2025

PUBLISHED

Description

When importing resources using Web Workers, error messages would distinguish the difference between <code>application/javascript</code> responses and non-script responses. This could have been abused to learn information cross-origin. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6.

VendorProductVersions

Mozilla

Firefox

affected
unspecified - < 97

Mozilla

Thunderbird

affected
unspecified - < 91.6

Mozilla

Firefox ESR

affected
unspecified - < 91.6

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now