CVE-2023-23601
CVSS v3.1
6.5 (Medium)
EPSS
0.10 % (42th)
Affected Products
3
Advisories
36
Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which could lead to website spoofing attacks. This vulnerability affects Firefox < 109, Thunderbird < 102.7, and Firefox ESR < 102.7.
Weaknesses
- CWE-346
- Origin Validation Error
- CVE Status
- PUBLISHED
- CNA
- Mozilla Corporation
- Published Date
-
2023-06-02 17:15:10
(15 months ago) - Updated Date
-
2023-06-08 18:55:24
(15 months ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...