CVE-2022-1802 - Mozilla Firefox Esr, Mozilla Firefox and Mozilla Thunderbird

Critical 8.8

If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context. This vulnerability affects Firefox ESR < 91.9.1, Firefox < 100.0.2, Firefox for Android < 100.3.0, and Thunderbird < 91.9.1.

Affected software

Mozilla Firefox Esr

Mozilla Firefox

Mozilla Thunderbird

Reference links

Get alerted to vulnerabilities in your software

CVE alerts, vulnerability alerts, latest versions and news matched to your software stack.