vulnerability

Red Hat: CVE-2020-26965: CVE-2020-26965 Mozilla: Software keyboards may have remembered typed passwords (Multiple Advisories)

Severity
4
CVSS
(AV:N/AC:M/Au:N/C:P/I:N/A:N)
Published
2020-11-30
Added
2020-12-01
Modified
2023-12-15

Description

Some websites have a feature "Show Password" where clicking a button will change a password field into a textbook field, revealing the typed password. If, when using a software keyboard that remembers user input, a user typed their password and used that feature, the type of the password field was changed, resulting in a keyboard layout change and the possibility for the software keyboard to remember the typed password. This vulnerability affects Firefox

Solution(s)

redhat-upgrade-firefoxredhat-upgrade-firefox-debuginforedhat-upgrade-firefox-debugsourceredhat-upgrade-thunderbirdredhat-upgrade-thunderbird-debuginforedhat-upgrade-thunderbird-debugsource
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.