Changes

Security Severity Ratings

209 bytes added, 19:20, 19 September 2017
Explicitly mention sandbox escapes
|}
;'''sec-high''': Obtain confidential data from other sites the user is visiting or the local machine, or inject data or code into those sites, requiring no more than normal browsing actions. Indefinite DoS of the user's system, requiring OS reinstallation or extensive cleanup. Exploitable web vulnerabilities that can lead to the targeted compromise of a small number of users. Sandbox escapes which require the attacker to already have arbitrary code execution in the content process.
{| class="wikitable collapsible " style="width: 100%"
! ''sec-high Examples:''
* Memory read that results in data being written into an inert container (i.e. string or image) that is subsequently accessible to content
* XSS (Reflected)
* Failure to use TLS where needed to ensure confidentiality/security
* Memory corruption in a parent process IPC method which a malicious content process could exploit.
|}