The vulnerability of Firefox browsers, including Firefox ESR, arises from the absence of a confirmation dialog box when opening Usenet links such as “news:“ and “snews:“. This allows a malicious user to download any application and execute any code.
The vulnerability of Firefox and Firefox ESR lies in the absence of a confirmation dialog box when opening “news:“ and “snews:“ protocols related to Usenet. Exploiting this vulnerability allows an attacker to download arbitrary applications and execute arbitrary code...