漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
Permission prompts for opening external schemes were only shown for <code>ContentPrincipals</code> resulting in extensions being able to open them without user interaction via <code>ExpandedPrincipals</code>. This could lead to further malicious actions such as downloading files or interacting with software already installed on the system. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mozilla Firefox ESR 安全漏洞
Vulnerability Description
Mozilla Firefox ESR是美国Mozilla基金会的Firefox(Web浏览器)的一个延长支持版本。 Mozilla Firefox ESR 102.8 之前版本存在安全漏洞,攻击者利用该漏洞可能导致拒绝服务或执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A