CVE-2023-23600

Summary

Per origin notification permissions were being stored in a way that didn't take into account what browsing context the permission was granted in. This lead to the possibility of notifications to be displayed during different browsing sessions. This bug only affects Firefox for Android. Other operating systems are unaffected. This vulnerability affects Firefox < 109.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefoxunspecified < 109affected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References