CVE-2023-4047

CVSS v3.1 8.8 (High)

EPSS 0.28 % (69^th)

Affected Products 3

Advisories 36

A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.

Weaknesses

CWE-NVD-noinfo

CVE Status: PUBLISHED
CNA: Mozilla Corporation
Published Date: 2023-08-01 15:15:09
(13 months ago)
Updated Date: 2023-08-09 21:15:11
(13 months ago)

Affected Products

Debian

Debian Linux

Mozilla

Firefox
Firefox Esr

Configuration #1

	CPE23	From	Up To
Mozilla Firefox prior 116.0 version	cpe:2.3:a:mozilla:firefox		< 116.0
Mozilla Firefox Esr from 102.0 version and prior 102.14 version	cpe:2.3:a:mozilla:firefox_esr	>= 102.0	< 102.14
Mozilla Firefox Esr from 115.0 version and prior 115.1 version	cpe:2.3:a:mozilla:firefox_esr	>= 115.0	< 115.1

Configuration #2

		CPE23	From	Up To
	Debian Linux 11.0	cpe:2.3:o:debian:debian_linux:11.0
	Debian Linux 12.0	cpe:2.3:o:debian:debian_linux:12.0