When dragging and dropping an image cross-origin, the image's size could potentially be leaked. This behavior was shipped in 109 and caused web compatibility problems as well as this security concern, so the behavior was disabled until further review. This vulnerability affects Firefox < 110.
References
Link | Resource |
---|---|
https://bugzilla.mozilla.org/show_bug.cgi?id=1437126 | Issue Tracking Vendor Advisory |
https://bugzilla.mozilla.org/show_bug.cgi?id=1812611 | Exploit Issue Tracking Vendor Advisory |
https://bugzilla.mozilla.org/show_bug.cgi?id=1813376 | Issue Tracking Permissions Required |
https://www.mozilla.org/security/advisories/mfsa2023-05/ | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mozilla
Published: 2023-06-02T00:00:00
Updated: 2023-06-02T00:00:00
Reserved: 2023-02-13T00:00:00
Link: CVE-2023-25741
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-06-02T17:15:11.537
Modified: 2023-06-08T16:36:10.880
Link: CVE-2023-25741
JSON object: View
Redhat Information
No data.
CWE