{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-38472", "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "dateUpdated": "2024-08-03T10:54:03.688Z", "dateReserved": "2022-08-19T00:00:00", "datePublished": "2022-12-22T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla", "dateUpdated": "2022-12-22T00:00:00"}, "descriptions": [{"lang": "en", "value": "An attacker could have abused XSLT error handling to associate attacker-controlled content with another origin which was displayed in the address bar. This could have been used to fool the user into submitting data intended for the spoofed origin. This vulnerability affects Thunderbird < 102.2, Thunderbird < 91.13, Firefox ESR < 91.13, Firefox ESR < 102.2, and Firefox < 104."}], "affected": [{"vendor": "Mozilla", "product": "Thunderbird", "versions": [{"version": "unspecified", "lessThan": "102.2", "status": "affected", "versionType": "custom"}, {"version": "unspecified", "lessThan": "91.13", "status": "affected", "versionType": "custom"}]}, {"vendor": "Mozilla", "product": "Firefox ESR", "versions": [{"version": "unspecified", "lessThan": "91.13", "status": "affected", "versionType": "custom"}, {"version": "unspecified", "lessThan": "102.2", "status": "affected", "versionType": "custom"}]}, {"vendor": "Mozilla", "product": "Firefox", "versions": [{"version": "unspecified", "lessThan": "104", "status": "affected", "versionType": "custom"}]}], "references": [{"url": "https://www.mozilla.org/security/advisories/mfsa2022-35/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2022-33/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2022-37/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2022-36/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2022-34/"}, {"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1769155"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "Address bar spoofing via XSLT error handling"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T10:54:03.688Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.mozilla.org/security/advisories/mfsa2022-35/", "tags": ["x_transferred"]}, {"url": "https://www.mozilla.org/security/advisories/mfsa2022-33/", "tags": ["x_transferred"]}, {"url": "https://www.mozilla.org/security/advisories/mfsa2022-37/", "tags": ["x_transferred"]}, {"url": "https://www.mozilla.org/security/advisories/mfsa2022-36/", "tags": ["x_transferred"]}, {"url": "https://www.mozilla.org/security/advisories/mfsa2022-34/", "tags": ["x_transferred"]}, {"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1769155", "tags": ["x_transferred"]}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "70DE2928-97D5-4674-9A65-11445420644E", "versionEndExcluding": "104.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", "matchCriteriaId": "2E797275-F2D5-434F-8BBD-405B454A9F29", "versionEndExcluding": "102.2", "versionStartIncluding": "102.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "matchCriteriaId": "AB7B5641-427F-4682-94D0-E88C20613D05", "versionEndExcluding": "91.13", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "matchCriteriaId": "C55A8FB2-E22B-443C-93FF-A8D2DCE85585", "versionEndExcluding": "102.2", "versionStartIncluding": "102.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An attacker could have abused XSLT error handling to associate attacker-controlled content with another origin which was displayed in the address bar. This could have been used to fool the user into submitting data intended for the spoofed origin. This vulnerability affects Thunderbird < 102.2, Thunderbird < 91.13, Firefox ESR < 91.13, Firefox ESR < 102.2, and Firefox < 104."}, {"lang": "es", "value": "Un atacante podr\u00eda haber abusado del manejo de errores XSLT para asociar contenido controlado por el atacante con otro origen que se mostraba en la barra de direcciones. Esto podr\u00eda haberse utilizado para enga\u00f1ar al usuario para que env\u00ede datos destinados al origen falsificado. Esta vulnerabilidad afecta a Thunderbird &lt; 102.2, Thunderbird &lt; 91.13, Firefox ESR &lt; 91.13, Firefox ESR &lt; 102.2 y Firefox &lt; 104."}], "id": "CVE-2022-38472", "lastModified": "2023-01-03T21:13:48.670", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-12-22T20:15:36.237", "references": [{"source": "security@mozilla.org", "tags": ["Issue Tracking", "Permissions Required", "Vendor Advisory"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1769155"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2022-33/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2022-34/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2022-35/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2022-36/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2022-37/"}], "sourceIdentifier": "security@mozilla.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-346"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Armin Ebert as the original reporter.", "affected_release": [{"advisory": "RHSA-2022:6169", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "thunderbird-0:91.13.0-1.el7_9", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2022-08-24T00:00:00Z"}, {"advisory": "RHSA-2022:6179", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "firefox-0:91.13.0-1.el7_9", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2022-08-24T00:00:00Z"}, {"advisory": "RHSA-2022:6164", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "thunderbird-0:91.13.0-1.el8_6", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2022-08-24T00:00:00Z"}, {"advisory": "RHSA-2022:6175", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "firefox-0:91.13.0-1.el8_6", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2022-08-24T00:00:00Z"}, {"advisory": "RHSA-2022:6167", "cpe": "cpe:/a:redhat:rhel_e4s:8.1", "package": "thunderbird-0:91.13.0-1.el8_1", "product_name": "Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions", "release_date": "2022-08-24T00:00:00Z"}, {"advisory": "RHSA-2022:6178", "cpe": "cpe:/a:redhat:rhel_e4s:8.1", "package": "firefox-0:91.13.0-1.el8_1", "product_name": "Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions", "release_date": "2022-08-24T00:00:00Z"}, {"advisory": "RHSA-2022:6168", "cpe": "cpe:/a:redhat:rhel_eus:8.2", "package": "thunderbird-0:91.13.0-1.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Extended Update Support", "release_date": "2022-08-24T00:00:00Z"}, {"advisory": "RHSA-2022:6177", "cpe": "cpe:/a:redhat:rhel_eus:8.2", "package": "firefox-0:91.13.0-1.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Extended Update Support", "release_date": "2022-08-24T00:00:00Z"}, {"advisory": "RHSA-2022:6166", "cpe": "cpe:/a:redhat:rhel_eus:8.4", "package": "thunderbird-0:91.13.0-1.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Extended Update Support", "release_date": "2022-08-24T00:00:00Z"}, {"advisory": "RHSA-2022:6176", "cpe": "cpe:/a:redhat:rhel_eus:8.4", "package": "firefox-0:91.13.0-1.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Extended Update Support", "release_date": "2022-08-24T00:00:00Z"}, {"advisory": "RHSA-2022:6165", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "thunderbird-0:91.13.0-1.el9_0", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2022-08-24T00:00:00Z"}, {"advisory": "RHSA-2022:6174", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "firefox-0:91.13.0-1.el9_0", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2022-08-24T00:00:00Z"}], "bugzilla": {"description": "Mozilla: Address bar spoofing via XSLT error handling", "id": "2120673", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2120673"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-356", "details": ["An attacker could have abused XSLT error handling to associate attacker-controlled content with another origin which was displayed in the address bar. This could have been used to fool the user into submitting data intended for the spoofed origin. This vulnerability affects Thunderbird < 102.2, Thunderbird < 91.13, Firefox ESR < 91.13, Firefox ESR < 102.2, and Firefox < 104.", "A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of an attacker abusing XSLT error handling to associate attacker-controlled content with another origin, which was displayed in the address bar. This issue could be used to fool the user into submitting data intended for the spoofed origin."], "name": "CVE-2022-38472", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 6"}], "public_date": "2022-08-23T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-38472\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-38472\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2022-34/#CVE-2022-38472"], "threat_severity": "Important", "upstream_fix": "firefox 91.13, firefox 102.2"}