Security Advisory

CVE-2023-23604

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-06-02 00:00:00

Last updated 2025-12-18 15:23:26

Assigner mozilla

State PUBLISHED

Description

A duplicate `SystemPrincipal` object could be created when parsing a non-system html document via `DOMParser::ParseFromSafeString`. This could have lead to bypassing web security checks. This vulnerability affects Firefox < 109.

← Browse all CVEs View on cve.org ↗