CVE-2021-23996

Description

By utilizing 3D CSS in conjunction with Javascript, content could have been rendered outside the webpages viewport, resulting in a spoofing attack that could have been used for phishing or other attacks on a user. This vulnerability affects Firefox < 88.

Risk Information

Base Score

6.5

MODERATE

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

EPSS Score

Exploitation Probability

0.27

Associated Vulnerability

Vulnerability	OS Platform
Multiple vulnerabilities fixed in Mozilla Firefox (88.0)	Windows
Multiple vulnerabilities fixed in Mozilla Firefox (x64) (88.0)	Windows
Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 87.9-beta1	Windows
Multiple Vulnerabilities are affected in Mozilla_Firefox 87.9-beta1	Windows
Multiple vulnerabilities are fixed in Mozilla Firefox For Mac (88.0.1)	Mac
Multiple Vulnerabilities are affected in Mozilla Firefox for Mac 87.9-beta1	Mac
Mozilla Open Source web browser (USN-4926-1) firefox_88.0+build2-0ubuntu0.16.04.1_i386.deb	Linux
Mozilla Open Source web browser (USN-4926-1) firefox_88.0+build2-0ubuntu0.16.04.1_amd64.deb	Linux
Mozilla Open Source web browser (USN-4926-1) firefox_88.0+build2-0ubuntu0.18.04.2_i386.deb	Linux
Mozilla Open Source web browser (USN-4926-1) firefox_88.0+build2-0ubuntu0.18.04.2_amd64.deb	Linux
Mozilla Open Source web browser (USN-4926-1) firefox_88.0+build2-0ubuntu0.20.04.1_amd64.deb	Linux
Mozilla Open Source web browser (USN-4926-1) firefox_88.0+build2-0ubuntu0.20.10.1_amd64.deb	Linux

Patch Details

Click to see the patches provided by ManageEngine for this CVE

Patch ID	Patch Description
PATCH-319192	Mozilla Firefox (88.0)
PATCH-319193	Mozilla Firefox (x64) (88.0)
PATCH-334458	Mozilla Firefox (x64) (120.0)
PATCH-334457	Mozilla Firefox (120.0)
PATCH-607000	Mozilla Firefox For Mac (124.0)
PATCH-611870	Mozilla Firefox For Mac (142.0.1)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234