CVE-2020-15648

Using object or embed tags, it was possible to frame other websites, even if they disallowed framing using the X-Frame-Options header. This vulnerability affects Thunderbird < 78 and Firefox < 78.0.2.
Configurations

Configuration 1

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*

Information

Published : 2020-08-10 06:15

Updated : 2020-08-12 04:27


NVD link : CVE-2020-15648

Mitre link : CVE-2020-15648

Products Affected
No products.
CWE
CWE-1021

Improper Restriction of Rendered UI Layers or Frames