vulnerability
Ubuntu: (Multiple Advisories) (CVE-2021-38503): Firefox vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:P/I:P/A:P) | Nov 3, 2021 | Nov 4, 2021 | Aug 18, 2025 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
Nov 3, 2021
Added
Nov 4, 2021
Modified
Aug 18, 2025
Description
The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing scripts or navigating the top-level frame. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3.
Solutions
ubuntu-upgrade-firefoxubuntu-upgrade-thunderbird
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.