cbcvebase.
CVE-2023-4579
published 2023-09-11

CVE-2023-4579: Search queries in the default search engine could appear to have been the currently navigated URL if the search query itself was a well formed URL. This could…

PriorityP410low3.1CVSS 3.1
AVNACHPRNUIRSUCNILAN
EPSS
0.38%
30.2th percentile
Search queries in the default search engine could appear to have been the currently navigated URL if the search query itself was a well formed URL. This could have led to a site spoofing another if it had been maliciously set as the default search engine. This vulnerability affects Firefox < 117.

Affected

5 ranges
VendorProductVersion rangeFixed in
debianfirefox< firefox 117.0-1 (sid)firefox 117.0-1 (sid)
mozillafirefox< 117.0117.0
mozillafirefox
mozillafirefox>= 0 < 117.0+build2-0ubuntu0.20.04.1117.0+build2-0ubuntu0.20.04.1
mozillafirefox>= unspecified < 117117

CVSS provenance

nvdv3.13.1LOWCVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N
osv6.5MEDIUM
vendor_ubuntu6.5MEDIUM
vendor_debian3.1LOW
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.