Security Advisory

CVE-2021-23974

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-02-26 01:51:50

Last updated 2024-08-03 19:14:09

Assigner mozilla

State PUBLISHED

Description

The DOMParser API did not properly process <noscript> elements for escaping. This could be used as an mXSS vector to bypass an HTML Sanitizer. This vulnerability affects Firefox < 86.

← Browse all CVEs View on cve.org ↗