Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Permission prompts for opening external schemes were only shown for <code>ContentPrincipals</code> resulting in extensions being able to open them without user interaction via <code>ExpandedPrincipals</code>. This could lead to further malicious actions such as downloading files or interacting with software already installed on the system. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mozilla Firefox ESR 安全漏洞
Vulnerability Description
Mozilla Firefox ESR是美国Mozilla基金会的Firefox(Web浏览器)的一个延长支持版本。 Mozilla Firefox ESR 102.8 之前版本存在安全漏洞,攻击者利用该漏洞可能导致拒绝服务或执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A