VYPR
Unrated severityNVD Advisory· Published Sep 11, 2023· Updated Dec 18, 2025

XLL file extensions were downloadable without warnings

CVE-2023-4581

Description

Excel .xll add-in files did not have a blocklist entry in Firefox's executable blocklist which allowed them to be downloaded without any warning of their potential harm. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

37

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.