CVE-2023-28164 - Exploiting URL Drag-and-Drop From Cross-Origin iframes — User Confusion and Website Spoofing in Firefox < 111
---
Every year, browser bugs open the door to sneaky attacks—and CVE-2023-28164 is a classic case where a small drag-and-drop error led to big
CVE-2023-25739 - Use-After-Free in ScriptLoadContext – How A Simple Bug Opened a Door in Mozilla Firefox & Thunderbird
CVE-2023-25739 is a serious security vulnerability found in Mozilla Firefox (before version 110), Thunderbird (before 102.8), and Firefox ESR (before 102.8). At the
CVE-2023-25751 - How a JIT Code Invalidation Bug Could Crash Firefox and Thunderbird
If you use Firefox, Thunderbird, or even enterprise builds of Firefox, you need to know about CVE-2023-25751. This is a subtle but dangerous bug caused
CVE-2023-23602 - How a WebWorker Bypass Put Firefox Users at Risk
Web security matters. Sometimes, even small mistakes can open up surprising holes, and that's exactly what happened with CVE-2023-23602, a vulnerability that slipped
CVE-2023-25735 - Understanding the Cross-Compartment Proxy Use-After-Free Vulnerability in Firefox and Thunderbird
In early 2023, a critical security issue – CVE-2023-25735 – was discovered affecting Mozilla Firefox (versions before 110), Firefox ESR (before 102.8), and Thunderbird (before 102.
Episode
00:00:00
00:00:00