CVE-2023-37206

Summary

Uploading files which contain symlinks may have allowed an attacker to trick a user into submitting sensitive data to a malicious website. This vulnerability affects Firefox < 115.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefoxunspecified < 115affected

Weaknesses

  • Insufficient validation of symlinks in the FileSystem API

ADP Enrichment

CVE Program Container

Additional References

References