CVE-2023-5725 Information

Description

A malicious installed WebExtension could open arbitrary URLs which under the right circumstance could be leveraged to collect sensitive user data. This vulnerability affects Firefox < 119 Firefox ESR < 115.4 and Thunderbird < 115.4.1.

Reference

https://www.mozilla.org/security/advisories/mfsa2023-45/ https://www.mozilla.org/security/advisories/mfsa2023-47/ https://bugzilla.mozilla.org/show_bug.cgi?id=1845739 https://www.mozilla.org/security/advisories/mfsa2023-46/ https://www.debian.org/security/2023/dsa-5535