Lucene search
Veracode Vulnerability DatabaseVERACODE:26960HistorySep 21, 2020 - 6:27 a.m.
Privilege Escalation
2020-09-2106:27:37
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
20
firefox
privilege escalation
malicious extension
webauthflow
redirect_uri
auth code
user's account
vulnerability
EPSS
0.002
Percentile
64.6%
firefox is vulnerable to privilege escalation. A malicious extension is able to call browser.identity.launchWebAuthFlow and control the redirect_uri. Subsequently, the Auth code can be retrieved and access to user’s account is obtained.
Related
prion
prion
Code injection
2020-04-24 16:15:00
redhatcve
redhatcve
CVE-2020-6823
2020-04-14 07:35:39
debiancve
debiancve
CVE-2020-6823
2020-04-24 16:15:13
alpinelinux
alpinelinux
CVE-2020-6823
2020-04-24 16:15:13
ubuntucve
ubuntucve
CVE-2020-6823
2020-04-07 00:00:00
cvelist
cvelist
CVE-2020-6823
2020-04-24 15:53:30
cve
cve
CVE-2020-6823
2020-04-24 16:15:13
nvd
nvd
CVE-2020-6823
2020-04-24 16:15:13
nessus
nessus
RHEL 8 : mozilla (Unpatched Vulnerability)
2024-05-11 00:00:00
RHEL 7 : mozilla (Unpatched Vulnerability)
2024-05-11 00:00:00
Mozilla Firefox < 75.0 Multiple Vulnerabilities (mfsa2020-12)
2020-04-07 00:00:00
archlinux
archlinux
[ASA-202004-8] firefox: multiple issues
2020-04-08 00:00:00
ubuntu
ubuntu
Firefox vulnerabilities
2020-04-07 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-4323-1)
2020-04-08 00:00:00
Mozilla Firefox Security Advisory (MFSA2020-12) - Linux
2021-11-08 00:00:00
Mozilla Firefox Security Advisories (MFSA2020-12, MFSA2020-13) - Windows
2020-04-08 00:00:00
gentoo
gentoo
Mozilla Firefox: Multiple vulnerabilities
2020-04-23 00:00:00
mozilla
mozilla
Security Vulnerabilities fixed in Firefox 75 — Mozilla
2020-04-07 00:00:00
kaspersky
kaspersky
KLA11725 Multiple vulnerabilities in Mozilla Firefox
2020-04-07 00:00:00
osv
osv
MozillaFirefox-92.0-1.2 on GA media
2024-06-15 00:00:00