CVE-2023-6209 Information

Description

Relative URLs starting with three slashes were incorrectly parsed and a path-traversal /../\ part in the path could be used to override the specified host. This could contribute to security problems in web sites. This vulnerability affects Firefox < 120 Firefox < 115.5 and Thunderbird < 115.5.0.

Reference

https://bugzilla.mozilla.org/show_bug.cgi?id=1858570 https://www.mozilla.org/security/advisories/mfsa2023-49/ https://www.mozilla.org/security/advisories/mfsa2023-50/ https://www.mozilla.org/security/advisories/mfsa2023-52/