CVE-2021-23963

CVSS v3.1 4.3 (Medium)

CVSS v2.0 4.3 (Medium)

EPSS 0.08 % (37^th)

Affected Products 1

Advisories 5

When sharing geolocation during an active WebRTC share, Firefox could have reset the webRTC sharing state in the user interface, leading to loss of control over the currently granted permission. This vulnerability affects Firefox < 85.

Weaknesses

CWE-281: Improper Preservation of Permissions

CVE Status: PUBLISHED
CNA: Mozilla Corporation
Published Date: 2021-02-26 03:15:14
(3 years ago)
Updated Date: 2021-03-03 20:11:04
(3 years ago)

Affected Products

Mozilla

Firefox

Configuration #1

		CPE23	From	Up To
	Mozilla Firefox prior 85.0 version	cpe:2.3:a:mozilla:firefox		< 85.0