cbcvebase.
CVE-2023-25729
published 2023-06-02

CVE-2023-25729: Permission prompts for opening external schemes were only shown for ContentPrincipals resulting in extensions being able to open them without user interaction…

PriorityP345high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
EPSS
0.68%
47.9th percentile
Permission prompts for opening external schemes were only shown for ContentPrincipals resulting in extensions being able to open them without user interaction via ExpandedPrincipals. This could lead to further malicious actions such as downloading files or interacting with software already installed on the system. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.

Affected

21 ranges
VendorProductVersion rangeFixed in
debianfirefox< firefox 110.0-1 (sid)firefox 110.0-1 (sid)
debianfirefox-esr< firefox 110.0-1 (sid)firefox 110.0-1 (sid)
debianthunderbird< firefox 110.0-1 (sid)firefox 110.0-1 (sid)
mozillafirefox< 110.0110.0
mozillafirefox
mozillafirefox>= 0 < 110.0+build3-0ubuntu0.18.04.1110.0+build3-0ubuntu0.18.04.1
mozillafirefox>= 0 < 110.0.1+build2-0ubuntu0.18.04.1110.0.1+build2-0ubuntu0.18.04.1
mozillafirefox>= 0 < 110.0+build3-0ubuntu0.20.04.1110.0+build3-0ubuntu0.20.04.1
mozillafirefox>= 0 < 110.0.1+build2-0ubuntu0.20.04.1110.0.1+build2-0ubuntu0.20.04.1
mozillafirefox>= unspecified < 110110
mozillafirefox_esr< 102.8102.8
mozillafirefox_esr>= unspecified < 102.8102.8
mozillathunderbird< 102.8102.8
mozillathunderbird>= 0 < 1:102.8.0-1~deb11u11:102.8.0-1~deb11u1
mozillathunderbird>= 0 < 1:102.8.0-11:102.8.0-1
mozillathunderbird>= 0 < 1:102.8.0-11:102.8.0-1
mozillathunderbird>= 0 < 1:102.8.0-11:102.8.0-1
mozillathunderbird>= 0 < 1:102.8.0+build2-0ubuntu0.18.04.11:102.8.0+build2-0ubuntu0.18.04.1
mozillathunderbird>= 0 < 1:102.8.0+build2-0ubuntu0.20.04.11:102.8.0+build2-0ubuntu0.20.04.1
mozillathunderbird>= 0 < 1:102.8.0+build2-0ubuntu0.22.04.11:102.8.0+build2-0ubuntu0.22.04.1
mozillathunderbird>= unspecified < 102.8102.8

CVSS provenance

nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
osv8.8HIGH
vendor_debian8.8HIGH
vendor_redhat8.8HIGH
vendor_ubuntu8.8HIGH
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.