CVE-2023-37204
MEDIUMFirefox < 115.0 - Spoofing Attack via Fullscreen Notification Obscuring
Title source: llmDescription
A website could have obscured the fullscreen notification by using an option element by introducing lag via an expensive computational function. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 115.
References (3)
Core 3
Core References
Issue Tracking, Permissions Required
https://bugzilla.mozilla.org/show_bug.cgi?id=1832195
Vendor Advisory
https://www.mozilla.org/security/advisories/mfsa2023-22/
Third Party Advisory
https://security.gentoo.org/glsa/202401-10
Scores
CVSS v3
6.5
EPSS
0.0017
EPSS Percentile
37.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Details
Status
published
Products (1)
mozilla/firefox
< 115.0
Published
Jul 05, 2023
Tracked Since
Feb 18, 2026