vulnerability

Red Hat: CVE-2022-38472: CVE-2022-38472 Mozilla: Address bar spoofing via XSLT error handling (Multiple Advisories)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:M/Au:N/C:N/I:C/A:N)	2022-08-24	2022-08-26	2025-01-28

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:C/A:N)

Published

2022-08-24

Added

2022-08-26

Modified

2025-01-28

Description

An attacker could have abused XSLT error handling to associate attacker-controlled content with another origin which was displayed in the address bar. This could have been used to fool the user into submitting data intended for the spoofed origin. This vulnerability affects Thunderbird

Solution(s)

redhat-upgrade-firefoxredhat-upgrade-firefox-debuginforedhat-upgrade-firefox-debugsourceredhat-upgrade-thunderbirdredhat-upgrade-thunderbird-debuginforedhat-upgrade-thunderbird-debugsource

References

NVD-CVE-2022-38472
REDHAT-RHSA-2022:6164
REDHAT-RHSA-2022:6165
REDHAT-RHSA-2022:6166
REDHAT-RHSA-2022:6168
REDHAT-RHSA-2022:6169
REDHAT-RHSA-2022:6174
REDHAT-RHSA-2022:6175
REDHAT-RHSA-2022:6176
REDHAT-RHSA-2022:6177
REDHAT-RHSA-2022:6179

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today