CVE-2023-37206

CVSS v3.1 6.5 (Medium)

EPSS 0.11 % (46^th)

Affected Products 1

Advisories 7

Uploading files which contain symlinks may have allowed an attacker to trick a user into submitting sensitive data to a malicious website. This vulnerability affects Firefox < 115.

Weaknesses

CWE-59: Improper Link Resolution Before File Access ('Link Following')

CVE Status: PUBLISHED
CNA: Mozilla Corporation
Published Date: 2023-07-05 10:15:09
(14 months ago)
Updated Date: 2024-01-07 11:15:12
(8 months ago)

Affected Products

Mozilla

Firefox

Configuration #1

		CPE23	From	Up To
	Mozilla Firefox prior 115.0 version	cpe:2.3:a:mozilla:firefox		< 115.0