Unrated severityNVD Advisory· Published Nov 21, 2023· Updated Feb 13, 2025
CVE-2023-6211
CVE-2023-6211
Description
If an attacker needed a user to load an insecure http: page and knew that user had enabled HTTPS-only mode, the attacker could have tricked the user into clicking to grant an HTTPS-only exception if they could get the user to participate in a clicking game. This vulnerability affects Firefox < 120.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5<120+ 1 more
- (no CPE)range: <120
- (no CPE)range: unspecified
- osv-coords3 versionspkg:apk/chainguard/firefox-esrpkg:rpm/opensuse/firefox-esr&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/MozillaFirefox&distro=openSUSE%20Tumbleweed
< 120.0-r0+ 2 more
- (no CPE)range: < 120.0-r0
- (no CPE)range: < 128.5.1-1.1
- (no CPE)range: < 120.0-1.1
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.