When a file download is specified via the `Content-Disposition` header, thatdirective would beignored if the file was included via a `<embed>` or `<object>` tag, potentially making a website vulnerabletoa cross-site scripting attack. This vulnerabilityaffects Firefox <140 and Firefox ESR < 128.12.
A vulnerability was found in Mozilla Firefox up to 139 (Web Browser). It hasbeen classified asproblematic.The manipulation of the argument Content-Disposition with an unknown input leads to a unknown weakness. CWEisclassifying the issue as CWE-79. The product doesnot neutralize orincorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.This is going to have an impact on integrity.Upgrading to version 140 eliminates this vulnerability.
A vulnerability was found in Mozilla Firefox up to 139 (Web Browser). It hasbeen classified asproblematic.The manipulation of the argument Content-Disposition with an unknown input leads to a unknown weakness. CWEisclassifying the issue as CWE-79. The product doesnot neutralize orincorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.This is going to have an impact on integrity.Upgrading to version 140 eliminates this vulnerability.
When a file download is specified via the `Content-Disposition` header, thatdirective would beignored if the file was included via a `<embed>` or `<object>` tag, potentially making a website vulnerabletoa cross-site scripting attack. This vulnerabilityaffects Firefox <140 and Firefox ESR < 128.12.
When a file download is specified via the `Content-Disposition` header, thatdirective would beignored if the file was included via a `<embed>` or `<object>` tag, potentially making a website vulnerabletoa cross-site scripting attack. This vulnerabilityaffects Firefox <140 and Firefox ESR < 128.12.
A vulnerability was found in Mozilla Firefox up to 139 (Web Browser). It hasbeen classified asproblematic.The manipulation of the argument Content-Disposition with an unknown input leads to a unknown weakness. CWEisclassifying the issue as CWE-79. The product doesnot neutralize orincorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.This is going to have an impact on integrity.Upgrading to version 140 eliminates this vulnerability.
A vulnerability was found in Mozilla Firefox up to 139 (Web Browser). It has been classified as problematic.The manipulation of the argument Content-Disposition with an unknown input leads to a unknown weakness. CWE is classifying the issue as CWE-79. The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.This is going to have an impact on integrity.Upgrading to version 140 eliminates this vulnerability.
A vulnerability was found in Mozilla Firefox up to 139 (Web Browser). It has been classified as problematic.The manipulation of the argument Content-Disposition with an unknown input leads to a unknown weakness. CWE is classifying the issue as CWE-79. The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.This is going to have an impact on integrity.Upgrading to version 140 eliminates this vulnerability.
A vulnerability was found in Mozilla Firefox up to 139 (Web Browser). It hasbeen classified asproblematic.The manipulation of the argument Content-Disposition with an unknown input leads to a unknown weakness. CWEisclassifying the issue as CWE-79. The product doesnot neutralize orincorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.This is going to have an impact on integrity.Upgrading to version 140 eliminates this vulnerability.
When a file download is specified via the `Content-Disposition` header, thatdirective would beignored if the file was included via a `<embed>` or `<object>` tag, potentially making a website vulnerabletoa cross-site scripting attack. This vulnerabilityaffects Firefox <140 and Firefox ESR < 128.12.
When a file download is specified via the `Content-Disposition` header, that directive would be ignored if the file was included via a `<embed>` or `<object>` tag, potentially making a website vulnerable to a cross-site scripting attack. This vulnerability affects Firefox < 140 and Firefox ESR < 128.12.
When a file download is specified via the `Content-Disposition` header, that directive would be ignored if the file was included via a `<embed>` or `<object>` tag, potentially making a website vulnerable to a cross-site scripting attack. This vulnerability affects Firefox < 140 and Firefox ESR < 128.12.
When a file download is specified via the `Content-Disposition` header, thatdirective would beignored if the file was included via a `<embed>` or `<object>` tag, potentially making a website vulnerabletoa cross-site scripting attack. This vulnerabilityaffects Firefox <140 and Firefox ESR < 128.12.
A vulnerability was found in Mozilla Firefox up to 139 (Web Browser). It hasbeen classified asproblematic.The manipulation of the argument Content-Disposition with an unknown input leads to a unknown weakness. CWEisclassifying the issue as CWE-79. The product doesnot neutralize orincorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.This is going to have an impact on integrity.Upgrading to version 140 eliminates this vulnerability.
A vulnerability was found in Mozilla Firefox up to 139 (Web Browser). It hasbeen classified asproblematic.The manipulation of the argument Content-Disposition with an unknown input leads to a unknown weakness. CWEisclassifying the issue as CWE-79. The product doesnot neutralize orincorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.This is going to have an impact on integrity.Upgrading to version 140 eliminates this vulnerability.
When a file download is specified via the `Content-Disposition` header, thatdirective would beignored if the file was included via a `<embed>` or `<object>` tag, potentially making a website vulnerabletoa cross-site scripting attack. This vulnerabilityaffects Firefox <140 and Firefox ESR < 128.12.
When a file download is specified via the `Content-Disposition` header, that directive would be ignored if the file was included via a `<embed>` or `<object>` tag, potentially making a website vulnerable to a cross-site scripting attack. This vulnerability affects Firefox < 140 and Firefox ESR < 128.12.
When a file download is specified via the `Content-Disposition` header, that directive would be ignored if the file was included via a `<embed>` or `<object>` tag, potentially making a website vulnerable to a cross-site scripting attack. This vulnerability affects Firefox < 140 and Firefox ESR < 128.12.
When a file download is specified via the `Content-Disposition` header, that directive would be ignored if the file was included via a `<embed>` or `<object>` tag, potentially making a website vulnerable to a cross-site scripting attack. This vulnerability affects Firefox < 140 and Firefox ESR < 128.12.
When a file download is specified via the `Content-Disposition` header, that directive would be ignored if the file was included via a `<embed>` or `<object>` tag, potentially making a website vulnerable to a cross-site scripting attack. This vulnerability affects Firefox < 140 and Firefox ESR < 128.12.
When a file download is specified via the `Content-Disposition` header, thatdirective would beignored if the file was included via a `<embed>` or `<object>` tag, potentially making a website vulnerabletoa cross-site scripting attack. This vulnerabilityaffects Firefox <140 and Firefox ESR < 128.12.
A vulnerability was found in Mozilla Firefox up to 139 (Web Browser). It hasbeen classified asproblematic.The manipulation of the argument Content-Disposition with an unknown input leads to a unknown weakness. CWEisclassifying the issue as CWE-79. The product doesnot neutralize orincorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.This is going to have an impact on integrity.Upgrading to version 140 eliminates this vulnerability.
A vulnerability was found in Mozilla Firefox up to 139 (Web Browser). It has been classified as problematic.The manipulation of the argument Content-Disposition with an unknown input leads to a unknown weakness. CWE is classifying the issue as CWE-79. The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.This is going to have an impact on integrity.Upgrading to version 140 eliminates this vulnerability.
A vulnerability was found in Mozilla Firefox up to 139 (Web Browser). It has been classified as problematic.The manipulation of the argument Content-Disposition with an unknown input leads to a unknown weakness. CWE is classifying the issue as CWE-79. The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.This is going to have an impact on integrity.Upgrading to version 140 eliminates this vulnerability.
