CVE-2022-45417

MEDIUM Year: 2022
CVSS v3 Score
4.3
Medium
Weakness Type
CWE-1021
View all →

Vulnerability Description

Service Workers did not detect Private Browsing Mode correctly in all cases, which could have led to Service Workers being written to disk for websites visited in Private Browsing Mode. This would not have persisted them in a state where they would run again, but it would have leaked Private Browsing Mode details to disk. This vulnerability affects Firefox < 107.

Related Vulnerabilities

CVE-2013-2682

MEDIUM
CVSS:4.3(Medium)

Cisco Linksys E4200 1.0.05 Build 7 devices contain a Clickjacking Vulnerability which allows remote attackers to obtain sensitive information.

CWE-10212013

CVE-2013-5594

MEDIUM
CVSS:4.3(Medium)

Mozilla Firefox before 25 allows modification of anonymous content of pluginProblem.xml binding

CWE-10212013

CVE-2013-6772

MEDIUM
CVSS:4.3(Medium)

Splunk before 5.0.4 lacks X-Frame-Options which can allow Clickjacking

CWE-10212013

CVE-2017-5026

MEDIUM
CVSS:4.3(Medium)

Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed to prevent alerts from being displayed by swapped out frames, which allowed a remote attacker to show alerts on a page they don't...

CWE-10212017

CVE-2018-12576

MEDIUM
CVSS:4.3(Medium)

TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices allow clickjacking.

CWE-10212018

CVE-2018-6178

MEDIUM
CVSS:4.3(Medium)

Eliding from the wrong side in an infobar in DevTools in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to Hide Chrome Security UI via a ...

CWE-10212018