0.004 Low
EPSS
Percentile
72.0%
firefox is vulnerable to authorization bypass. The vulnerability exists as the code for downloading files did not validate special characters, allowing the file path to be cut off earlier, resulting in the downloading of a different file.
lists.opensuse.org/opensuse-security-announce/2020-08/msg00025.html
bugzilla.mozilla.org/show_bug.cgi?id=1637745
usn.ubuntu.com/4443-1/
www.mozilla.org/security/advisories/mfsa2020-30/
www.mozilla.org/security/advisories/mfsa2020-32/
www.mozilla.org/security/advisories/mfsa2020-33/