CVE-2022-31743

medium

Description

Firefox's HTML parser did not correctly interpret HTML comment tags, resulting in an incongruity with other browsers. This could have been used to escape HTML comments on pages that put user-controlled data in them. This vulnerability affects Firefox < 101.

References

https://bugzilla.mozilla.org/show_bug.cgi?id=1747388

https://www.mozilla.org/security/advisories/mfsa2022-20/

Details

Source: Mitre, NVD

Published: 2022-12-22

CVSS v3

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Severity: Medium