CVE-2022-32308

Cross Site Scripting (XSS) vulnerability in uBlock Origin extension before 1.41.1 allows remote attackers to run arbitrary code via a spoofed 'MessageSender.url' to the browser renderer process. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt