Vulnerability Database

313,664

Total vulnerabilities in the database

CVE-2023-23603

Regular expressions used to filter out forbidden properties and values from style directives in calls to console.log weren't accounting for external URLs. Data could then be potentially exfiltrated from the browser. This vulnerability affects Firefox < 109, Firefox ESR < 102.7, and Thunderbird < 102.7.

Published: Jun 2, 2023
Updated: Dec 19, 2025
CVE: CVE-2023-23603
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.5
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

CWEs:

CWE-770

Affected Software
References

Software	From	Fixed in
mozilla / firefox	-	109.0
mozilla / firefox_esr	-	102.7
mozilla / thunderbird	-	102.7

https://bugzilla.mozilla.org/show_bug.cgi?id=1800832
https://www.mozilla.org/security/advisories/mfsa2023-01/
https://www.mozilla.org/security/advisories/mfsa2023-02/
https://www.mozilla.org/security/advisories/mfsa2023-03/

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo