CVE-2023-23604 Information

Description

A duplicate SystemPrincipal object could be created when parsing a non-system html document via DOMParser::ParseFromSafeString. This could have lead to bypassing web security checks. This vulnerability affects Firefox < 109.

Reference

https://www.mozilla.org/security/advisories/mfsa2023-01/ https://bugzilla.mozilla.org/show_bug.cgi?id=1802346