ID | CVE-2025-5265 | ||||||
Sažetak | Due to insufficient escaping of the ampersand character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. *This bug only affects Firefox for Windows. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 139, Firefox ESR < 115.24, Firefox ESR < 128.11, Thunderbird < 139, and Thunderbird < 128.11. | ||||||
Reference |
|
||||||
CVSS |
|
||||||
Pristup |
|
||||||
Impact |
|
||||||
CVSS vektor | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L | ||||||
Zadnje važnije ažuriranje | 11-06-2025 - 12:15 | ||||||
Objavljeno | 27-05-2025 - 13:15 |