CVE-2023-6211

Published: Nov 21, 2023

Modified: Feb 13, 2025

PUBLISHED

Description

If an attacker needed a user to load an insecure http: page and knew that user had enabled HTTPS-only mode, the attacker could have tricked the user into clicking to grant an HTTPS-only exception if they could get the user to participate in a clicking game. This vulnerability affects Firefox < 120.

Vendor	Product	Versions
Mozilla	Firefox	affected `unspecified - < 120`

References

https://bugzilla.mozilla.org/show_bug.cgi?id=1850200

https://www.mozilla.org/security/advisories/mfsa2023-49/

https://security.gentoo.org/glsa/202401-10

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-6211

Description

Affected Products

References