CVE-2023-6206

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-6206

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-6206.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2023-6206

Downstream

DEBIAN-CVE-2023-6206

DLA-3661-1

DLA-3674-1

DSA-5561-1

DSA-5566-1

OESA-2025-1265

OESA-2025-1268

RHSA-2023:7499

RHSA-2023:7500

RHSA-2023:7501

RHSA-2023:7502

RHSA-2023:7503

RHSA-2023:7504

RHSA-2023:7505

RHSA-2023:7506

RHSA-2023:7507

RHSA-2023:7508

RHSA-2023:7509

RHSA-2023:7510

RHSA-2023:7511

RHSA-2023:7512

RHSA-2023:7547

RHSA-2023:7569

RHSA-2023:7570

RHSA-2023:7573

RHSA-2023:7574

RHSA-2023:7577

SUSE-SU-2023:4588-1

SUSE-SU-2023:4912-1

SUSE-SU-2023:4928-1

SUSE-SU-2023:4929-1

UBUNTU-CVE-2023-6206

USN-6509-1

USN-6515-1

openSUSE-SU-2024:13459-1

openSUSE-SU-2024:13468-1

openSUSE-SU-2024:14572-1

Related

Published

2023-11-21T15:15:07Z

Modified

2025-08-09T20:01:27Z

Severity

5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

The black fade animation when exiting fullscreen is roughly the length of the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the permission grant button would be about to appear. This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5.

References

Affected packages