Security Advisory

CVE-2025-13017

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-11-11 15:47:16

Last updated 2026-04-13 14:26:28

Assigner mozilla

State PUBLISHED

Description

Same-origin policy bypass in the DOM: Notifications component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Thunderbird 145, and Thunderbird 140.5.

← Browse all CVEs View on cve.org ↗