Lucene search
MozillaCVE-2024-26283HistoryFeb 22, 2024 - 3:15 p.m.
CVE-2024-26283
2024-02-2215:15:08
CWE-83
mozilla
web.nvd.nist.gov
4504
cve-2024-26283
unauthorized script execution
firefox
ios
vulnerability
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
6
Confidence
Low
EPSS
0
Percentile
9.0%
An attacker could have executed unauthorized scripts on top origin sites using a JavaScript URI when opening an external URL with a custom Firefox scheme. This vulnerability affects Firefox for iOS < 123.
Affected configurations
Node
mozillafirefox_for_iosRange≤123
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mozilla | firefox_for_ios | * | cpe:2.3:a:mozilla:firefox_for_ios:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"product": "Firefox for iOS",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "123",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
prion
prion
Design/Logic Flaw
2024-02-22 15:15:00
vulnrichment
vulnrichment
CVE-2024-26283
2024-02-22 14:56:43
cnvd
cnvd
Mozilla Firefox for iOS cross-site scripting vulnerability (CNVD-2024-12553)
2024-03-01 00:00:00
cvelist
cvelist
CVE-2024-26283
2024-02-22 14:56:43
debiancve
debiancve
CVE-2024-26283
2024-02-22 15:15:08
nvd
nvd
CVE-2024-26283
2024-02-22 15:15:08
mozilla
mozilla
Security Vulnerabilities fixed in Firefox for iOS 123 — Mozilla
2024-02-19 00:00:00
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
6
Confidence
Low
EPSS
0
Percentile
9.0%
Related for CVE-2024-26283