Home > Vulnerability Database > CVE-2023-25741

Mend.io Vulnerability Database

CVE-2023-25741

Date: June 1, 2023

When dragging and dropping an image cross-origin, the image's size could potentially be leaked. This behavior was shipped in 109 and caused web compatibility problems as well as this security concern, so the behavior was disabled until further review. This vulnerability affects Firefox < 110.

Language: C++

Severity Score

6.5

Related Resources (9)

Url: https://bugzilla.mozilla.org/show_bug.cgi?id=1813376

Url: https://github.com/mozilla/gecko-dev/commit/07f08ea87de1666190e2b3fba7c6d3c41d3e6fef

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2023-25741

Url: https://bugzilla.mozilla.org/show_bug.cgi?id=1437126

Url: https://www.mozilla.org/security/advisories/mfsa2023-05/

Url: https://nvd.nist.gov/vuln/detail/CVE-2023-25741

Url: https://www.mozilla.org/en-US/security/advisories/mfsa2023-05/#CVE-2023-25741

Url: https://bugzilla.mozilla.org/show_bug.cgi?id=1812611

Url: https://www.mend.io/vulnerability-database/CVE-2023-25741

Severity Score

6.5

Weakness Type (CWE)

Insufficient Information

NVD-CWE-noinfo

CVSS v3.1

Base Score:	6.5
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	REQUIRED
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	NONE
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2023-25741

Date: June 1, 2023

Language: C++

Severity Score

Related Resources (9)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?