CVE-2021-43542

Summary

Using XMLHttpRequest, an attacker could have identified installed applications by probing error messages for loading external protocols. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95.

Affected Software

VendorProductVersion RangeStatus
MozillaThunderbirdunspecified < 91.4.0affected
MozillaFirefox ESRunspecified < 91.4.0affected
MozillaFirefoxunspecified < 95affected

Weaknesses

  • XMLHttpRequest error codes could have leaked the existence of an external protocol handler

ADP Enrichment

CVE Program Container

Additional References

References