Security Advisory

CVE-2023-37203

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-07-05 09:01:27

Last updated 2025-02-13 16:56:32

Assigner mozilla

State PUBLISHED

Description

Insufficient validation in the Drag and Drop API in conjunction with social engineering, may have allowed an attacker to trick end-users into creating a shortcut to local system files. This could have been leveraged to execute arbitrary code. This vulnerability affects Firefox < 115.

← Browse all CVEs View on cve.org ↗