Описание
If a user saved a response from the Network tab in Devtools using the Save As context menu option, that file may not have been saved with the .download file extension. This could have led to the user inadvertently running a malicious executable. This vulnerability affects Firefox < 140 and Thunderbird < 140.
Ссылки
- Permissions Required
- Permissions Required
- Vendor Advisory
Уязвимые конфигурации
EPSS
8.1 High
CVSS3
Дефекты
Связанные уязвимости
If a user saved a response from the Network tab in Devtools using the Save As context menu option, that file may not have been saved with the `.download` file extension. This could have led to the user inadvertently running a malicious executable. This vulnerability affects Firefox < 140 and Thunderbird < 140.
If a user saved a response from the Network tab in Devtools using the Save As context menu option, that file may not have been saved with the `.download` file extension. This could have led to the user inadvertently running a malicious executable. This vulnerability affects Firefox < 140 and Thunderbird < 140.
If a user saved a response from the Network tab in Devtools using the ...
If a user saved a response from the Network tab in Devtools using the Save As context menu option, that file may not have been saved with the `.download` file extension. This could have led to the user inadvertently running a malicious executable. This vulnerability affects Firefox < 140.
Уязвимость компонента File Extension Handler браузера Mozilla Firefox, позволяющая нарушителю загрузить произвольный файл
EPSS
8.1 High
CVSS3