VDB
CVE-2020-6827
CVE-2020-6827
PUBLISHED
CVSS 4.699999809265137 MEDIUM
When following a link that opened an intent://-schemed URL, causing a custom tab to be opened, Firefox for Android could be tricked into displaying the incorrect URI. <br> *Note: This issue only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.7.
EPSS 0.32% · 55.4th percentile
Risk Scores
CVSS v3.1
4.699999809265137
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
EPSS Score
0.32%
55.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mozilla | Firefox ESR | unspecified |
| mozilla | firefox_esr | 0 |
| Mozilla | Firefox |
Timeline
- Apr 10, 2020 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 22, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 25, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 27, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Jul 2, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
References
- https://www.mozilla.org/en-US/security/advisories/mfsa2020-13/ advisory
- https://www.mozilla.org/en-US/security/advisories/mfsa2020-12/ advisory
- https://www.mozilla.org/security/advisories/mfsa2020-13/ url
- https://bugzilla.mozilla.org/show_bug.cgi?id=1622278 url
- https://nvd.nist.gov/vuln/detail/CVE-2020-6827 advisory
- https://www.mozilla.org/security/advisories/mfsa2020-13 url