A security issue has been found in Firefox before 72.0. When pasting a <style> tag from the clipboard into a rich text editor, the CSS sanitizer incorrectly rewrites a @namespace rule. This could allow for injection into certain types of websites resulting in data exfiltration.
A security issue has been found in Firefox before 72.0. When pasting a <style> tag from the clipboard into a rich text editor, the CSS sanitizer incorrectly rewrites a @namespace rule. This could allow for injection into certain types of websites resulting in data exfiltration.
https://www.mozilla.org/en-US/security/advisories/mfsa2020-01/#CVE-2019-17016 https://bugzilla.mozilla.org/show_bug.cgi?id=1599181