CVE-2023-37455

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Jul 12, 2023

Updated: Jul 20, 2023

CWE ID 1021

Summary

CVE-2023-37455 is a vulnerability affecting Firefox for iOS versions prior to 115. This issue allows a site in a background tab to display a permission request prompt that overlays the site in the foreground tab, potentially deceiving users into granting unwarranted access. The vulnerability could lead to privacy and security risks, as users may unknowingly approve requests from malicious sites. Firefox users on iOS are advised to update their browsers to the latest version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Mozilla Firefox

Affected Vendors

Mozilla

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/r5Y9lO
https://www.cve.org/CVERecord?id=CVE-2023-37455
https://nvd.nist.gov/vuln/detail/CVE-2023-37455

Back to Vulnerability Database