2022-12-22 00:00:00
mozilla
PUBLISHED
The HTML Sanitizer should have sanitized the href attribute of SVG <use> tags; however it incorrectly did not sanitize xlink:href attributes. This vulnerability affects Firefox < 102.
href
<use>
xlink:href