Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-r5px-qx88-c9gq

Опубликовано: 11 сент. 2023
Источник: github
Github: Не прошло ревью
CVSS3: 4.3

Описание

Excel .xll add-in files did not have a blocklist entry in Firefox's executable blocklist which allowed them to be downloaded without any warning of their potential harm. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, and Thunderbird < 115.2.

Excel .xll add-in files did not have a blocklist entry in Firefox's executable blocklist which allowed them to be downloaded without any warning of their potential harm. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, and Thunderbird < 115.2.

Ссылки

EPSS

Процентиль: 39%
0.00169
Низкий

4.3 Medium

CVSS3

CVE ID

CVE-2023-4581

Связанные уязвимости

ubuntu логотип

CVE-2023-4581

CVSS3: 4.3
ubuntu
почти 2 года назад

Excel `.xll` add-in files did not have a blocklist entry in Firefox's executable blocklist which allowed them to be downloaded without any warning of their potential harm. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2.

redhat логотип

CVE-2023-4581

CVSS3: 6.1
redhat
почти 2 года назад

Excel `.xll` add-in files did not have a blocklist entry in Firefox's executable blocklist which allowed them to be downloaded without any warning of their potential harm. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2.

nvd логотип

CVE-2023-4581

CVSS3: 4.3
nvd
почти 2 года назад

Excel `.xll` add-in files did not have a blocklist entry in Firefox's executable blocklist which allowed them to be downloaded without any warning of their potential harm. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2.

debian логотип

CVE-2023-4581

CVSS3: 4.3
debian
почти 2 года назад

Excel `.xll` add-in files did not have a blocklist entry in Firefox's ...

fstec логотип

BDU:2023-05173

CVSS3: 8.2
fstec
почти 2 года назад

Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с недостаточным предупреждением об опасных действиях, позволяющая нарушителю загружать произвольные файлы

EPSS

Процентиль: 39%
0.00169
Низкий

4.3 Medium

CVSS3

CVE ID

CVE-2023-4581