Vulnerabilities > CVE-2023-23600 - Unspecified vulnerability in Mozilla Firefox

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

mozilla

NVD

Published: 2023-06-02

Updated: 2023-06-08

Summary

Per origin notification permissions were being stored in a way that didn't take into account what browsing context the permission was granted in. This lead to the possibility of notifications to be displayed during different browsing sessions.<br>*This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 109.

Vulnerable Configurations

Part	Description	Count
Application	Mozilla Mozilla Firefox 80.0 Mozilla Firefox 83.0 Mozilla Firefox 84.0 Mozilla Firefox 84.1.3 Mozilla Firefox 92.0 Mozilla Firefox 104.0	6

References

https://www.mozilla.org/security/advisories/mfsa2023-01/
https://bugzilla.mozilla.org/show_bug.cgi?id=1787034