If a domain name contained a RTL character, it would cause the domain to be rendered to the right of the path. This could lead to user…
mozilla·NVD-CWE-Other·Published 2022-12-22
If a domain name contained a RTL character, it would cause the domain to be rendered to the right of the path. This could lead to user confusion and spoofing attacks. <br>*This bug only affects Firefox for Android. Other operating systems are unaffected.*<br>*Note*: Due to a clerical error this advisory was not included in the original announcement, and was added in Feburary 2022. This vulnerability affects Firefox < 92.
If a domain name contained a RTL character, it would cause the domain to be rendered to the right of the path. This could lead to user confusion and spoofing attacks. <br>*This bug only affects Firefox for Android. Other operating systems are unaffected.*<br>*Note*: Due to a clerical error this advisory was not included in the original announcement, and was added in Feburary 2022. This vulnerability affects Firefox < 92.
Si un nombre de dominio contuviera un carácter RTL, el dominio se representaría a la derecha de la ruta. Esto podría generar confusión en el usuario y ataques de suplantación de identidad. <br>*Este error sólo afecta a Firefox para Android. Otros sistemas operativos no se ven afectados.*<br>*Nota*: Debido a un error administrativo, este aviso no se incluyó en el anuncio original y se agregó en febrero de 2022. Esta vulnerabilidad afecta a Firefox < 92.
| Version | Type | Source | Base | Exp | Impact | Vector |
|---|---|---|---|---|---|---|
| 3.1 | Primary | cve.org | 4.3 | — | — | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N |
| 3.1 | Primary | NVD | 4.3 | 2.8 | 1.4 | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N |
| 3.1 | Primary | cve.org | 4.3 | — | — | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N |
| 3.1 | Secondary | NVD | 4.3 | 2.8 | 1.4 | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N |