CVE-2023-29538 Information

Jun 03, 2023 cve

Description

Under specific circumstances a WebExtension may have received a jar:file:/// URI instead of a moz-extension:/// URI during a load request. This leaked directory paths on the user’s machine. This vulnerability affects Firefox for Android < 112 Firefox < 112 and Focus for Android < 112.

Reference

https://bugzilla.mozilla.org/show_bug.cgi?id=1685403 https://www.mozilla.org/security/advisories/mfsa2023-13/

Share on: