CVE-2024-0953
Published: 05 February 2024
Summary
CVE-2024-0953 is a medium-severity Open Redirect (CWE-601) vulnerability in Mozilla Firefox. Its CVSS base score is 6.1 (Medium).
Operationally, ranked at the 33.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-16732
Vulnerability details
When a user scans a QR Code with the QR Code Scanner feature, the user is not prompted before being navigated to the page specified in the code. This may surprise the user and potentially direct them to unwanted content.…
more
This vulnerability affects Firefox for iOS < 129.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.