If a document created a sandboxed iframe without allow-scripts, and subsequently appended an element to the iframes document that e.g. had a JavaScript event handler - the event handler would have run despite the iframes sandbox. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Firefox | Mozilla | * | 97.0 (excluding) |
Firefox_esr | Mozilla | * | 91.6 (excluding) |
Thunderbird | Mozilla | * | 91.6 (excluding) |