CVE-2023-4579

{"id": "CVE-2023-4579", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.1, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 1.6}]}, "published": "2023-09-11T09:15:09.407", "references": [{"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1842766", "tags": ["Issue Tracking", "Permissions Required"], "source": "security@mozilla.org"}, {"url": "https://security.gentoo.org/glsa/202401-10", "source": "security@mozilla.org"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2023-34/", "tags": ["Vendor Advisory"], "source": "security@mozilla.org"}, {"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1842766", "tags": ["Issue Tracking", "Permissions Required"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://security.gentoo.org/glsa/202401-10", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2023-34/", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Search queries in the default search engine could appear to have been the currently navigated URL if the search query itself was a well formed URL. This could have led to a site spoofing another if it had been maliciously set as the default search engine. This vulnerability affects Firefox < 117."}, {"lang": "es", "value": "Las consultas de b\u00fasqueda en el motor de b\u00fasqueda predeterminado podr\u00edan parecer haber sido la URL navegada actualmente si la consulta de b\u00fasqueda en s\u00ed fuera una URL bien formada. Esto podr\u00eda haber llevado a que un sitio suplantara a otro si se hubiera configurado maliciosamente como motor de b\u00fasqueda predeterminado. Esta vulnerabilidad afecta a Firefox &lt; 117."}], "lastModified": "2024-11-21T08:35:28.300", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "97397EB0-B9CD-4C1F-B2DC-92F03D4DC61B", "versionEndExcluding": "117.0"}], "operator": "OR"}]}], "sourceIdentifier": "security@mozilla.org"}