Lucene search
HistoryFeb 22, 2024 - 3:15 p.m.
CVE-2024-26283
attacker
unauthorized scripts
top origin sites
javascript uri
external url
custom firefox scheme
vulnerability
firefox for ios
version 123
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
5.8
Confidence
Low
EPSS
0
Percentile
9.0%
An attacker could have executed unauthorized scripts on top origin sites using a JavaScript URI when opening an external URL with a custom Firefox scheme. This vulnerability affects Firefox for iOS < 123.
Related
prion
prion
Design/Logic Flaw
2024-02-22 15:15:00
vulnrichment
vulnrichment
CVE-2024-26283
2024-02-22 14:56:43
cnvd
cnvd
Mozilla Firefox for iOS cross-site scripting vulnerability (CNVD-2024-12553)
2024-03-01 00:00:00
cve
cve
CVE-2024-26283
2024-02-22 15:15:08
cvelist
cvelist
CVE-2024-26283
2024-02-22 14:56:43
debiancve
debiancve
CVE-2024-26283
2024-02-22 15:15:08
mozilla
mozilla
Security Vulnerabilities fixed in Firefox for iOS 123 — Mozilla
2024-02-19 00:00:00
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
5.8
Confidence
Low
EPSS
0
Percentile
9.0%
Related for NVD:CVE-2024-26283