When an https: web page created a pop-up from a javascript: URL, that pop-up was incorrectly allowed to load blockable content such as iframes from insecure http: URLs This vulnerability affects Firefox < 120.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Firefox | Mozilla | * | 120.0 (excluding) |