Описание
Insufficient validation in the Drag and Drop API in conjunction with social engineering, may have allowed an attacker to trick end-users into creating a shortcut to local system files. This could have been leveraged to execute arbitrary code. This vulnerability affects Firefox < 115.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support |
| devel | not-affected | code not present |
| esm-infra/focal | DNE | |
| focal | released | 115.0+build2-0ubuntu0.20.04.3 |
| jammy | not-affected | code not present |
| kinetic | ignored | end of life, was needs-triage |
| lunar | not-affected | code not present |
| trusty | ignored | end of standard support |
| upstream | released | 115.0-1 |
| xenial | ignored | end of standard support |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support |
| devel | not-affected | |
| esm-infra/focal | DNE | |
| focal | not-affected | |
| jammy | not-affected | |
| kinetic | ignored | end of life, was needed |
| lunar | not-affected | |
| trusty | ignored | end of standard support |
| upstream | needs-triage | |
| xenial | ignored | end of standard support |
Показывать по
EPSS
7.8 High
CVSS3
Связанные уязвимости
Insufficient validation in the Drag and Drop API in conjunction with social engineering, may have allowed an attacker to trick end-users into creating a shortcut to local system files. This could have been leveraged to execute arbitrary code. This vulnerability affects Firefox < 115.
Insufficient validation in the Drag and Drop API in conjunction with social engineering, may have allowed an attacker to trick end-users into creating a shortcut to local system files. This could have been leveraged to execute arbitrary code. This vulnerability affects Firefox < 115.
Insufficient validation in the Drag and Drop API in conjunction with s ...
Insufficient validation in the Drag and Drop API in conjunction with social engineering, may have allowed an attacker to trick end-users into creating a shortcut to local system files. This could have been leveraged to execute arbitrary code. This vulnerability affects Firefox < 115.
Уязвимость реализации прикладного программного интерфейса Drag and Drop браузера Firefox, позволяющая нарушителю выполнить произвольный код
EPSS
7.8 High
CVSS3