CVE-2021-43542

Medium

Using XMLHttpRequest, an attacker could have identified installed applications by probing error messages for loading external protocols.…

mozilla·CWE-209·Published 2021-12-08

CVSS

6.5

EPSS

0.02

KEV

Exploits

Vendor statements (4)

cve.orgen

225 chars

Using XMLHttpRequest, an attacker could have identified installed applications by probing error messages for loading external protocols. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95.

NVDes

299 chars

Usando XMLHttpRequest, un atacante podría haber identificado aplicaciones instaladas sondeando los mensajes de error para cargar protocolos externos. Esta vulnerabilidad afecta a Thunderbird versiones anteriores a 91.4.0, Firefox ESR versiones anteriores a 91.4.0 y Firefox versiones anteriores a 95

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:P/I:N/A:N
3.1	Primary	NVD	6.5	2.8	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N