Security Advisory

CVE-2022-42927

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-12-22 00:00:00

Last updated 2025-04-15 15:46:11

Assigner mozilla

State PUBLISHED

Description

A same-origin policy violation could have allowed the theft of cross-origin URL entries, leaking the result of a redirect, via `performance.getEntries()`. This vulnerability affects Firefox < 106, Firefox ESR < 102.4, and Thunderbird < 102.4.

← Browse all CVEs View on cve.org ↗