Script could be executed via svg's use element - CVE-2022-28284ID: oval:org.secpod.oval:def:78618 | Date: (C)2022-04-06 (M)2023-11-19 |
Class: VULNERABILITY | Family: macos |
Mozilla Firefox 99 : SVG's use element could have been used to load unexpected content that could have executed script in certain circumstances. While the specification seems to allow this, other browsers do not, and web developers relied on this property for script security so gecko's implementation was aligned with theirs.
Platform: |
Apple Mac OS 14 |
Apple Mac OS 13 |
Apple Mac OS X 10.9 |
Apple Mac OS X 10.10 |
Apple Mac OS X 10.11 |
Apple Mac OS X 10.12 |
Apple Mac OS X 10.13 |
Apple Mac OS X 10.14 |
Apple Mac OS X 10.15 |
Apple Mac OS 11 |
Apple Mac OS 12 |