PT-2023-1952 · Mozilla+10 · Firefox Esr+12
Edgar
·
Published
2023-03-14
·
Updated
2025-01-09
·
CVE-2023-28164
CVSS v3.1
7.5
High
| Vector | AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Firefox versions prior to 111
Firefox ESR versions prior to 102.9
Thunderbird versions prior to 102.9
Description
The issue is related to errors in presenting information to the user interface, potentially leading to user confusion and website spoofing attacks. This could allow a remote attacker to conduct spoofing attacks.
Recommendations
For Firefox versions prior to 111, update to version 111 or later.
For Firefox ESR versions prior to 102.9, update to version 102.9 or later.
For Thunderbird versions prior to 102.9, update to version 102.9 or later.
Exploit
Fix
UI Misrepresentation of Critical Information
Origin Validation Error
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Alt Linux
Almalinux
Astra Linux
Centos
Firefox
Firefox Esr
Linuxmint
Red Hat
Red Os
Rocky Linux
Suse
Thunderbird
Ubuntu