CVE-2021-29975
Description
Through a series of DOM manipulations, a message, over which the attacker had control of the text but not HTML or formatting, could be overlaid on top of another domain (with the new domain correctly shown in the address bar) resulting in possible user confusion. This vulnerability affects Firefox < 90.
Risk Information
Base Score
6.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
EPSS Score
Exploitation Probability
0.391
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple vulnerabilities fixed in Mozilla Firefox (90.0) | Windows |
| Multiple vulnerabilities fixed in Mozilla Firefox (x64) (90.0) | Windows |
| Multiple vulnerabilities are fixed in Mozilla Firefox For Mac (90.0) | Mac |
| Multiple vulnerabilities are fixed in Mozilla Firefox For Mac (90.0.2) | Mac |
| Multiple Vulnerabilities are affected in Mozilla Firefox for Mac 89.0 | Mac |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-320502 | Mozilla Firefox (90.0) |
| PATCH-320503 | Mozilla Firefox (x64) (90.0) |
| PATCH-607000 | Mozilla Firefox For Mac (124.0) |
| PATCH-607000 | Mozilla Firefox For Mac (124.0) |
| PATCH-611870 | Mozilla Firefox For Mac (142.0.1) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234