CVE-2023-6209
CVSS v3.1
6.5 (Medium)
EPSS
0.08 % (35th)
Affected Products
4
Advisories
33
Relative URLs starting with three slashes were incorrectly parsed, and a path-traversal "/../" part in the path could be used to override the specified host. This could contribute to security problems in web sites. This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5.
Weaknesses
- CWE-22
- Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
- CVE Status
- PUBLISHED
- CNA
- Mozilla Corporation
- Published Date
-
2023-11-21 15:15:07
(10 months ago) - Updated Date
-
2023-11-30 16:15:11
(9 months ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...