CVE-2023-5758 — Cross-site Scripting in Mozilla Firefox FOR IOS
Severity
6.1MEDIUMNVD
EPSS
0.3%
top 46.85%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedOct 25
Description
When opening a page in reader mode, the redirect URL could have caused attacker-controlled script to execute in a reflected Cross-Site Scripting (XSS) attack. This vulnerability affects Firefox for iOS < 119.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7
Affected Packages2 packages
🔴Vulnerability Details
2GHSA▶
GHSA-fpp8-6gxj-v3pg: When opening a page in reader mode, the redirect URL could have caused attacker-controlled script to execute in a reflected Cross-Site Scripting (XSS)↗2023-10-25
CVEList▶
CVE-2023-5758: When opening a page in reader mode, the redirect URL could have caused attacker-controlled script to execute in a reflected Cross-Site Scripting (XSS)↗2023-10-24