Lucene search

K
prionPRIOn knowledge basePRION:CVE-2023-23603
HistoryJun 02, 2023 - 5:15 p.m.

Design/Logic Flaw

2023-06-0217:15:00
PRIOn knowledge base
www.prio-n.com
8
regular expressions
filtering
console.log
data exfiltration
firefox
thunderbird
vulnerability
nvd

6.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

45.3%

Regular expressions used to filter out forbidden properties and values from style directives in calls to <code>console.log</code> weren’t accounting for external URLs. Data could then be potentially exfiltrated from the browser. This vulnerability affects Firefox < 109, Thunderbird < 102.7, and Firefox ESR < 102.7.