{"id":"CVE-2022-28286","details":"Due to a layout change, iframe contents could have been rendered outside of its border. This could have led to user confusion or spoofing attacks. This vulnerability affects Thunderbird \u003c 91.8, Firefox \u003c 99, and Firefox ESR \u003c 91.8.","modified":"2026-04-16T04:33:13.524401640Z","published":"2022-12-22T20:15:24.533Z","related":["ALSA-2022:1287","ALSA-2022:1301","SUSE-RU-2022:1114-1","SUSE-RU-2022:1125-1","SUSE-RU-2022:14935-1","SUSE-SU-2022:1127-1","SUSE-SU-2022:1176-1","openSUSE-SU-2022:1127-1","openSUSE-SU-2024:11975-1","openSUSE-SU-2024:14572-1"],"references":[{"type":"REPORT","url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1735265"},{"type":"EVIDENCE","url":"https://www.mozilla.org/security/advisories/mfsa2022-13/"},{"type":"EVIDENCE","url":"https://www.mozilla.org/security/advisories/mfsa2022-14/"},{"type":"EVIDENCE","url":"https://www.mozilla.org/security/advisories/mfsa2022-15/"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-28286.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"99.0"}]},{"events":[{"introduced":"0"},{"fixed":"91.8"}]},{"events":[{"introduced":"0"},{"fixed":"91.8"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}]}