Vulnerabilities > Mozilla > Firefox > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-26 | CVE-2020-12392 | Path Traversal vulnerability in multiple products The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of a request, which can be controlled by the website. | 5.5 |
| 2020-03-25 | CVE-2020-6813 | Unspecified vulnerability in Mozilla Firefox When protecting CSS blocks with the nonce feature of Content Security Policy, the @import statement in the CSS block could allow an attacker to inject arbitrary styles, bypassing the intent of the Content Security Policy. | 5.3 |
| 2020-03-25 | CVE-2020-6812 | Information Exposure vulnerability in multiple products The first time AirPods are connected to an iPhone, they become named after the user's name by default (e.g. | 5.3 |
| 2020-03-25 | CVE-2020-6810 | Authentication Bypass by Spoofing vulnerability in Mozilla Firefox After a website had entered fullscreen mode, it could have used a previously opened popup to obscure the notification that indicates the browser is in fullscreen mode. | 4.3 |
| 2020-03-25 | CVE-2020-6808 | Authentication Bypass by Spoofing vulnerability in Mozilla Firefox When a JavaScript URL (javascript:) is evaluated and the result is a string, this string is parsed to create an HTML document, which is then presented. | 6.5 |
| 2020-03-02 | CVE-2020-6798 | Cross-site Scripting vulnerability in Mozilla Thunderbird If a template tag was used in a select tag, the parser could be confused and allow JavaScript parsing and execution when it should not be allowed. | 6.1 |
| 2020-03-02 | CVE-2020-6797 | Improper Input Validation vulnerability in Mozilla Firefox By downloading a file with the .fileloc extension, a semi-privileged extension could launch an arbitrary application on the user's computer. | 4.3 |
| 2020-02-18 | CVE-2013-5594 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Firefox Mozilla Firefox before 25 allows modification of anonymous content of pluginProblem.xml binding | 4.3 |
| 2020-01-21 | CVE-2011-2669 | Improper Certificate Validation vulnerability in Mozilla Firefox Mozilla Firefox prior to 3.6 has a DoS vulnerability due to an issue in the validation of certificates. | 6.5 |
| 2020-01-13 | CVE-2011-2670 | Cross-site Scripting vulnerability in Mozilla Firefox Mozilla Firefox before 3.6 is vulnerable to XSS via the rendering of Cascading Style Sheets | 6.1 |