CVE-2021-43530
MEDIUMFirefox for Android < 94.0 - Universal Cross-Site Scripting via QR Code URL Processing
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2021-43530. PoCs published by hfh86.
AI-analyzed exploit summary This repository contains a writeup and proof-of-concept for CVE-2021-43530, a Universal XSS vulnerability in Firefox for Android due to improper URL sanitization when processing QR codes. The vulnerability affects Firefox versions prior to 94.
Description
A Universal XSS vulnerability was present in Firefox for Android resulting from improper sanitization when processing a URL scanned from a QR code. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 94.
Exploits (1)
This repository contains a writeup and proof-of-concept for CVE-2021-43530, a Universal XSS vulnerability in Firefox for Android due to improper URL sanitization when processing QR codes. The vulnerability affects Firefox versions prior to 94.
References (2)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N