Due to an unusual sequence of attacker-controlled events, a Javascript `alert()` dialog with arbitrary (although unstyled) contents could be displayed over top an uncontrolled webpage of the attacker's choosing. External Reference: https://www.mozilla.org/en-US/security/advisories/mfsa2021-49/#CVE-2021-38509
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2021:4116 https://access.redhat.com/errata/RHSA-2021:4116
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2021:4123 https://access.redhat.com/errata/RHSA-2021:4123
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2021-38509
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Extended Update Support Via RHSA-2021:4133 https://access.redhat.com/errata/RHSA-2021:4133
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Extended Update Support Via RHSA-2021:4132 https://access.redhat.com/errata/RHSA-2021:4132
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2021:4130 https://access.redhat.com/errata/RHSA-2021:4130
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2021:4134 https://access.redhat.com/errata/RHSA-2021:4134
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Extended Update Support Via RHSA-2021:4607 https://access.redhat.com/errata/RHSA-2021:4607
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Extended Update Support Via RHSA-2021:4605 https://access.redhat.com/errata/RHSA-2021:4605