{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-09T22:42:54.358","vulnerabilities":[{"cve":{"id":"CVE-2020-15653","sourceIdentifier":"security@mozilla.org","published":"2020-08-10T18:15:12.373","lastModified":"2024-11-21T05:05:57.043","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An iframe sandbox element with the allow-popups flag could be bypassed when using noopener links. This could have led to security issues for websites relying on sandbox configurations that allowed popups and hosted arbitrary content. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1."},{"lang":"es","value":"Un elemento del sandbox de iframe con el flag allow-popups podría ser omitida cuando se usan enlaces noopener. Esto podría haber conllevado a problemas de seguridad para los sitios web que dependen de configuraciones de sandbox que permitían ventanas emergentes y alojaban contenido arbitrario. Esta vulnerabilidad afecta a Firefox ESR versiones anteriores a 78.1, Firefox versiones anteriores a 79 y Thunderbird versiones anteriores a 78.1"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","versionEndExcluding":"79.0","matchCriteriaId":"89415068-6F07-4D38-9BE8-EAC175A310DF"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*","versionEndExcluding":"78.1","matchCriteriaId":"E1B90123-60A0-407C-BCCD-083FA3FEECCC"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","versionEndExcluding":"78.1","matchCriteriaId":"B31A7BCE-C606-43F5-ABAA-F76B75BFDF3C"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","matchCriteriaId":"7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","matchCriteriaId":"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D"},{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*","matchCriteriaId":"902B8056-9E37-443B-8905-8AA93E2447FB"}]}]}],"references":[{"url":"http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00025.html","source":"security@mozilla.org","tags":["Third Party Advisory"]},{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1521542","source":"security@mozilla.org","tags":["Issue Tracking","Permissions Required","Vendor Advisory"]},{"url":"https://usn.ubuntu.com/4443-1/","source":"security@mozilla.org","tags":["Third Party Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2020-30/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2020-32/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2020-33/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00025.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1521542","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Permissions Required","Vendor Advisory"]},{"url":"https://usn.ubuntu.com/4443-1/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2020-30/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2020-32/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2020-33/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}