If a `<template>` tag was used in a `<select>` tag, the parser could be confused and allow JavaScript parsing and execution when it should not be allowed. A site that relied on the browser behaving correctly could suffer a cross-site scripting vulnerability as a result. External Reference: https://www.mozilla.org/en-US/security/advisories/mfsa2020-06/#CVE-2020-6798
Acknowledgments: Name: the Mozilla project Upstream: terjanq
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2020:0512 https://access.redhat.com/errata/RHSA-2020:0512
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions Via RHSA-2020:0519 https://access.redhat.com/errata/RHSA-2020:0519
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2020:0521 https://access.redhat.com/errata/RHSA-2020:0521
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2020:0520 https://access.redhat.com/errata/RHSA-2020:0520
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-6798
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions Via RHSA-2020:0565 https://access.redhat.com/errata/RHSA-2020:0565
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2020:0577 https://access.redhat.com/errata/RHSA-2020:0577
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2020:0574 https://access.redhat.com/errata/RHSA-2020:0574
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2020:0576 https://access.redhat.com/errata/RHSA-2020:0576