Cross-origin iframes supported login autofill - CVE-2020-26962ID: oval:org.secpod.oval:def:67341 | Date: (C)2020-11-18 (M)2024-03-27 |
Class: VULNERABILITY | Family: windows |
Mozilla Firefox 83 : Cross-origin iframes that contained a login form could have been recognized by the login autofill service, and populated. This could have been used in clickjacking attacks, as well as be read across partitions in dynamic first party isolation.
Platform: |
Microsoft Windows Server 2022 |
Microsoft Windows 11 |
Microsoft Windows 7 |
Microsoft Windows 8.1 |
Microsoft Windows 10 |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Server 2012 |
Microsoft Windows Server 2012 R2 |
Microsoft Windows Server 2016 |
Microsoft Windows Server 2019 |