We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2023-4047



Assignermozilla
Reserved2023-08-01
Published2023-08-01
Updated2024-10-22

Description

A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.

Product status

Any version before 116
affected

Any version before 102.14
affected

Any version before 115.1
affected

Credits

Axel Chong (@Haxatron)

References

https://bugzilla.mozilla.org/show_bug.cgi?id=1839073

https://www.mozilla.org/security/advisories/mfsa2023-29/

https://www.mozilla.org/security/advisories/mfsa2023-30/

https://www.mozilla.org/security/advisories/mfsa2023-31/

https://www.debian.org/security/2023/dsa-5464

https://www.debian.org/security/2023/dsa-5469

https://lists.debian.org/debian-lts-announce/2023/08/msg00008.html

https://lists.debian.org/debian-lts-announce/2023/08/msg00010.html

cve.org CVE-2023-4047

nvd.nist.gov CVE-2023-4047

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2023-4047
Subscribe to our newsletter to learn more about our work.