| Vulnerability Name: | CVE-2021-43532 (CCN-212643) | ||||||||||||
| Assigned: | 2021-11-02 | ||||||||||||
| Published: | 2021-11-02 | ||||||||||||
| Updated: | 2021-12-10 | ||||||||||||
| Summary: | The 'Copy Image Link' context menu action would copy the final image URL after redirects. By embedding an image that triggered authentication flows - in conjunction with a Content Security Policy that stopped a redirection chain in the middle - the final image URL could be one that contained an authentication token used to takeover a user account. If a website tricked a user into copy and pasting the image link back to the page, the page would be able to steal the authentication tokens. This was fixed by making the action return the original URL, before any redirects. This vulnerability affects Firefox < 94. | ||||||||||||
| CVSS v3 Severity: | 6.1 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) 5.3 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C)
5.7 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)
| ||||||||||||
| CVSS v2 Severity: | 5.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N)
| ||||||||||||
| Vulnerability Type: | CWE-601 | ||||||||||||
| Vulnerability Consequences: | Obtain Information | ||||||||||||
| References: | Source: MITRE Type: CNA CVE-2021-43532 Source: MISC Type: Issue Tracking, Permissions Required, Vendor Advisory https://bugzilla.mozilla.org/show_bug.cgi?id=1719203 Source: XF Type: UNKNOWN firefox-cve202143532-info-disc(212643) Source: CCN Type: Mozilla Foundation Security Advisory 2021-48 Security Vulnerabilities fixed in Firefox 94 Source: MISC Type: Vendor Advisory https://www.mozilla.org/security/advisories/mfsa2021-48/ | ||||||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||||||
| BACK | |||||||||||||