Remote Agent, used in WebDriver, did not validate the Host or Origin headers. This could have allowed websites to connect back locally to the user's b

BROWSER

FIREFOX

16-04-2025 19:14

CVE-2022-22757 Vulnerabilidad documentada

6.5 MEDIUM

Tags

#site

#web

#drive

#config

#firefox

#browser

#vulnerability

#website

#affected

#remote

#configuration

#bug

#allow

#affect

Descripción

Remote Agent, used in WebDriver, did not validate the Host or Origin headers. This could have allowed websites to connect back locally user's browser control it.
*This bug only affected Firefox when WebDriver was enabled, which is default configuration.*. vulnerability affects < 97.

https://bugzilla.mozilla.org/show_bug.cgi?id=1720098

https://www.mozilla.org/security/advisories/mfsa2022-04/

https://bugzilla.mozilla.org/show_bug.cgi?id=1720098

https://www.mozilla.org/security/advisories/mfsa2022-04/

Referencia

Link externo

Ver detalles

Fuente

https://nvd.nist.gov/vuln/detail/CVE-2022-22757

Resultados similares

Coincidentes en almenos en 50% de los tags

18-04-2025 CVE-2022-22752
Mozilla developers Christian Holler and Jason Kratzer reported memory safety bugs present in Fi...
Ver información

18-04-2025 CVE-2024-45651
IBM Sterling Connect:Direct Web Services 6.1.0, 6.2.0, and 6.3.0 does not invalidate session ...
Ver información