CVE-2021-23956

Summary

An ambiguous file picker design could have confused users who intended to select and upload a single file into uploading a whole directory. This was addressed by adding a new prompt. This vulnerability affects Firefox < 85.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefox< 85affected

Weaknesses

  • File picker dialog could have been used to disclose a complete directory

ADP Enrichment

CVE Program Container

Additional References

References