CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
EPSS
Percentile
41.2%
firefox is vulnerable to Authorization Bypasses. An attacker could exploit this vulnerability by creating a malicious website that uses a mailto URL in a full-screen notification. When the user clicks on the notification, the mailto URL will be opened in an external program, such as their email client. The attacker could then use the mailto URL to send the user a malicious email.