CVE-2023-4053

CVSS v3.1 6.5 (Medium)

EPSS 0.10 % (41^th)

Affected Products 1

Advisories 29

A website could have obscured the full screen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 116, Firefox ESR < 115.2, and Thunderbird < 115.2.

Weaknesses

CWE-59: Improper Link Resolution Before File Access ('Link Following')

CVE Status: PUBLISHED
CNA: Mozilla Corporation
Published Date: 2023-08-01 15:15:10
(13 months ago)
Updated Date: 2023-09-11 09:15:08
(12 months ago)

Affected Products

Mozilla

Firefox

Configuration #1

		CPE23	From	Up To
	Mozilla Firefox prior 116.0 version	cpe:2.3:a:mozilla:firefox		< 116.0