Origin Validation Error
CVE-2022-34477
Summary
The MediaError message property should be consistent to avoid leaking information about cross-origin resources; however for a same-site cross-origin resource, the message could have leaked information enabling XS-Leaks attacks. This vulnerability affects Firefox prior to 102.
- LOW
- NETWORK
- NONE
- UNCHANGED
- NONE
- NONE
- HIGH
- NONE
CWE-346 - Origin Validation Error
The software does not properly verify that the source of data or communication is valid.
Advisory Timeline
- Published