Vulnerabilities > CVE-2023-29538 - Exposure of Resource to Wrong Sphere vulnerability in Mozilla Firefox and Focus
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
LOW Integrity impact
NONE Availability impact
NONE Summary
Under specific circumstances a WebExtension may have received a <code>jar:file:///</code> URI instead of a <code>moz-extension:///</code> URI during a load request. This leaked directory paths on the user's machine. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112.