← back
CVE-2023-6210

CVE-2023-6210

EPSS 0.6%
When an https: web page created a pop-up from a "javascript:" URL, that pop-up was incorrectly allowed to load blockable content such as iframes from insecure http: URLs This vulnerability affects Firefox < 120.
Affected products
Mozilla · Firefox

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://bugzilla.mozilla.org/show_bug.cgi?id=1801501https://security.gentoo.org/glsa/202401-10https://www.mozilla.org/security/advisories/mfsa2023-49/