CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
AI Score
Confidence
High
EPSS
Percentile
29.5%
firefox is vulnerable to Open Redirect. An attacker could exploit this vulnerability by tricking a user into visiting a malicious website. The malicious website would contain a specially crafted link that would redirect the user to an arbitrary website. The user would not be able to see the actual URL of the destination website, so they would be unaware that they were being redirected to a malicious website.
bugzilla.mozilla.org/show_bug.cgi?id=1845739
lists.debian.org/debian-lts-announce/2023/10/msg00037.html
lists.debian.org/debian-lts-announce/2023/10/msg00042.html
security-tracker.debian.org/tracker/CVE-2023-5725
www.debian.org/security/2023/dsa-5535
www.debian.org/security/2023/dsa-5538
www.mozilla.org/security/advisories/mfsa2023-45/
www.mozilla.org/security/advisories/mfsa2023-46/
www.mozilla.org/security/advisories/mfsa2023-47/
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
AI Score
Confidence
High
EPSS
Percentile
29.5%