Persistent JavaScript Execution Vulnerability in Firefox < 97

Persistent JavaScript Execution Vulnerability in Firefox < 97

CVE-2022-22755 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

By using XSL Transforms, a malicious webserver could have served a user an XSL document that would continue to execute JavaScript (within the bounds of the same-origin policy) even after the tab was closed. This vulnerability affects Firefox < 97.

Learn more about our Web App Pen Testing.