CVE-2023-49061Open Redirect in Mozilla Firefox FOR IOS

CWE-601Open Redirect5 documents5 sources
Severity
6.1MEDIUMNVD
EPSS
0.2%
top 57.87%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Mozilla Firefox FOR IOSMozilla Firefox
Timeline
PublishedNov 21

Description

An attacker could have performed HTML template injection via Reader Mode and exfiltrated user information. This vulnerability affects Firefox for iOS < 120.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages2 packages

NVDmozilla/firefox< 120.0
CVEListV5mozilla/firefox_for_iosunspecified120

🔴Vulnerability Details

2
CVEList
CVE-2023-49061: An attacker could have performed HTML template injection via Reader Mode and exfiltrated user information2023-11-21
GHSA
GHSA-c6mg-xwvh-76jx: An attacker could have performed HTML template injection via Reader Mode and exfiltrated user information2023-11-21

📋Vendor Advisories

2
Debian
CVE-2023-49061: firefox - An attacker could have performed HTML template injection via Reader Mode and exf...2023
Mozilla
Mozilla Foundation Security Advisory 2023-51: CVE-2023-49061
CVE-2023-49061 — Open Redirect in Mozilla | cvebase