CVE-2022-31743

medium

Description

Firefox's HTML parser did not correctly interpret HTML comment tags, resulting in an incongruity with other browsers. This could have been used to escape HTML comments on pages that put user-controlled data in them. This vulnerability affects Firefox < 101.

References

https://www.mozilla.org/security/advisories/mfsa2022-20/

https://bugzilla.mozilla.org/show_bug.cgi?id=1747388

Details

Source: Mitre, NVD

Published: 2022-12-22

Updated: 2023-01-03

Risk Information

CVSS v2

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:C/A:N

Severity: High

CVSS v3

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Severity: Medium

Detections

Analytics