vulnerability
Alpine Linux: CVE-2020-15676: Cross-site Scripting
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
4 | (AV:N/AC:M/Au:N/C:N/I:P/A:N) | Oct 1, 2020 | Aug 22, 2024 | Oct 2, 2024 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:P/A:N)
Published
Oct 1, 2020
Added
Aug 22, 2024
Modified
Oct 2, 2024
Description
Firefox sometimes ran the onload handler for SVG elements that the DOM sanitizer decided to remove, resulting in JavaScript being executed after pasting attacker-controlled data into a contenteditable element. This vulnerability affects Firefox
Solution(s)
alpine-linux-upgrade-firefox-esralpine-linux-upgrade-firefox

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.