CVE-2023-25731

high

Description

Due to URL previews in the network panel of developer tools improperly storing URLs, query parameters could potentially be used to overwrite global objects in privileged code. This vulnerability affects Firefox < 110.

References

https://www.mozilla.org/security/advisories/mfsa2023-05/

https://bugzilla.mozilla.org/show_bug.cgi?id=1801542

Details

Source: Mitre, NVD

Published: 2023-06-02

Updated: 2023-06-08

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity: High

Detections

Analytics