CVE-2023-32205

CVE Database · CVE-2023-32205

CVE-2023-32205

· MEDIUMModified

CVSS v3.1

4.3

EPSS

0.63%

Published

Jun 2, 2023

Modified

Nov 21, 2024

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and spoofing attacks. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Affected Products (3)

mozilla · firefox (up to 113.0)vulnerable

mozilla · firefox_esr (up to 102.11)vulnerable

mozilla · thunderbird (up to 102.11)vulnerable

References (14)

https://bugzilla.mozilla.org/show_bug.cgi?id=1753339

Issue TrackingPermissions RequiredVendor Advisory

https://bugzilla.mozilla.org/show_bug.cgi?id=1753341

Issue TrackingVendor Advisory

https://security.gentoo.org/glsa/202312-03