CVE-2020-15651
Description
A unicode RTL order character in the downloaded file name can be used to change the files name during the download UI flow to change the file extension. This vulnerability affects Firefox for iOS < 28.
Risk Information
Base Score
4.3
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
EPSS Score
Exploitation Probability
0.186
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerability CVE-2020-15651 are affected in Mozilla Firefox 27.0.1 | Windows |
| Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 27.0.1 | Windows |
| Multiple Vulnerabilities are affected in Mozilla_Firefox 27.0.1 | Windows |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-343015 | Mozilla Firefox (132.0.2) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234