CVE-2023-25740
The Mozilla Foundation Security Advisory: After downloading a Windows .scf script from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system. This also had the potential to leak NTLM credentials to the resource. This...