Описание
Insufficient escaping in the “Copy as cURL” feature could have been used to trick a user into executing unexpected code on Windows. This did not affect Firefox running on other operating systems. This vulnerability affects Firefox < 144, Firefox ESR < 140.4, Thunderbird < 144, and Thunderbird < 140.4.
Insufficient escaping in the “Copy as cURL” feature could have been used to trick a user into executing unexpected code on Windows. This did not affect Firefox running on other operating systems. This vulnerability affects Firefox < 144, Firefox ESR < 140.4, Thunderbird < 144, and Thunderbird < 140.4.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2025-11713
- https://bugzilla.mozilla.org/show_bug.cgi?id=1986142
- https://www.mozilla.org/security/advisories/mfsa2025-81
- https://www.mozilla.org/security/advisories/mfsa2025-83
- https://www.mozilla.org/security/advisories/mfsa2025-84
- https://www.mozilla.org/security/advisories/mfsa2025-85
Связанные уязвимости
Insufficient escaping in the “Copy as cURL” feature could have been used to trick a user into executing unexpected code on Windows. This did not affect the application when running on other operating systems. This vulnerability affects Firefox < 144, Firefox ESR < 140.4, Thunderbird < 144, and Thunderbird < 140.4.
Insufficient escaping in the “Copy as cURL” feature could have been used to trick a user into executing unexpected code on Windows. This did not affect the application when running on other operating systems. This vulnerability affects Firefox < 144, Firefox ESR < 140.4, Thunderbird < 144, and Thunderbird < 140.4.
Insufficient escaping in the \u201cCopy as cURL\u201d feature could ha ...
Уязвимость функции Copy as cURL браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю выполнить произвольный код
