CVE-2023-5727 Information

Description

The executable file warning was not presented when downloading .msix .msixbundle .appx and .appxbundle files which can run commands on a user’s computer.
Note: This issue only affected Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 119 Firefox ESR < 115.4 and Thunderbird < 115.4.1.

Reference

https://www.mozilla.org/security/advisories/mfsa2023-45/ https://www.mozilla.org/security/advisories/mfsa2023-47/ https://www.mozilla.org/security/advisories/mfsa2023-46/ https://bugzilla.mozilla.org/show_bug.cgi?id=1847180