Security Advisory

CVE-2022-34473

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-12-22 00:00:00

Last updated 2025-04-15 19:32:51

Assigner mozilla

State PUBLISHED

Description

The HTML Sanitizer should have sanitized the <code>href</code> attribute of SVG <code><use></code> tags; however it incorrectly did not sanitize <code>xlink:href</code> attributes. This vulnerability affects Firefox < 102.

← Browse all CVEs View on cve.org ↗