CVE Published: 22/12/2022 |
CVE Updated: 03/08/2024 |
CVE Year: 2022 Source: mozilla |
Vendor: Mozilla |
Product: Firefox Status : PUBLISHED
CVE-2022-22755 Description
By using XSL Transforms, a malicious webserver could have served a user an XSL document that would continue to execute JavaScript (within the bounds of the same-origin policy) even after the tab was closed. This vulnerability affects Firefox < 97.