Vitortorresvt

#28838 of 53,633
8.8 Total CVSS
Vulnerabilities · 1
PT-2023-1700
8.8
2023-02-14
Mozilla · Firefox ESR · CVE-2023-25729
**Name of the Vulnerable Software and Affected Versions**

- Mozilla Firefox versions prior to 110
- Mozilla Firefox ESR versions prior to 102.8
- Mozilla Thunderbird versions prior to 102.8

**Description**

The issue is related to the incorrect neutralization of encoded schemes in URI on web pages. This could allow a remote attacker to download files or interact with software already installed on the system. The vulnerability is exploited through permission prompts for opening external schemes, which were only shown for certain principals, allowing extensions to open them without user interaction.

**Recommendations**

- For Mozilla Firefox versions prior to 110, update to version 110 or later to resolve the issue.
- For Mozilla Firefox ESR versions prior to 102.8, update to version 102.8 or later to resolve the issue.
- For Mozilla Thunderbird versions prior to 102.8, update to version 102.8 or later to resolve the issue.