{"containers": {"cna": {"affected": [{"product": "Firefox", "vendor": "Mozilla", "versions": [{"lessThan": "80", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "Firefox did not reset the address bar after the beforeunload dialog was shown if the user chose to remain on the page. This could have resulted in an incorrect URL being shown when used in conjunction with other unexpected browser behaviors. This vulnerability affects Firefox < 80."}], "problemTypes": [{"descriptions": [{"description": "Address bar not reset when choosing to stay on a page after the beforeunload dialog is shown", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-10-01T18:43:08", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.mozilla.org/security/advisories/mfsa2020-36/"}, {"tags": ["x_refsource_MISC"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1651636"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@mozilla.org", "ID": "CVE-2020-15665", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Firefox", "version": {"version_data": [{"version_affected": "<", "version_value": "80"}]}}]}, "vendor_name": "Mozilla"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Firefox did not reset the address bar after the beforeunload dialog was shown if the user chose to remain on the page. This could have resulted in an incorrect URL being shown when used in conjunction with other unexpected browser behaviors. This vulnerability affects Firefox < 80."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Address bar not reset when choosing to stay on a page after the beforeunload dialog is shown"}]}]}, "references": {"reference_data": [{"name": "https://www.mozilla.org/security/advisories/mfsa2020-36/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2020-36/"}, {"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1651636", "refsource": "MISC", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1651636"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T13:22:30.678Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.mozilla.org/security/advisories/mfsa2020-36/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1651636"}]}]}, "cveMetadata": {"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2020-15665", "datePublished": "2020-10-01T18:43:08", "dateReserved": "2020-07-10T00:00:00", "dateUpdated": "2024-08-04T13:22:30.678Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "334D3118-529D-4AAB-82A4-1EC3AA047D3D", "versionEndExcluding": "80.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Firefox did not reset the address bar after the beforeunload dialog was shown if the user chose to remain on the page. This could have resulted in an incorrect URL being shown when used in conjunction with other unexpected browser behaviors. This vulnerability affects Firefox < 80."}, {"lang": "es", "value": "Firefox no restableci\u00f3 la barra de direcciones despu\u00e9s de que se mostrara el cuadro de di\u00e1logo beforeunload se mostrara si el usuario eligiera permanecer en la p\u00e1gina.&#xa0;Esto podr\u00eda haber resultado en que una URL incorrecta sea mostrada cuando se usaba en conjunto con otros comportamientos inesperados del navegador.&#xa0;Esta vulnerabilidad afecta a Firefox versiones anteriores a 80"}], "id": "CVE-2020-15665", "lastModified": "2024-11-21T05:05:58.470", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-10-01T19:15:13.127", "references": [{"source": "security@mozilla.org", "tags": ["Exploit", "Issue Tracking", "Vendor Advisory"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1651636"}, {"source": "security@mozilla.org", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2020-36/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Issue Tracking", "Vendor Advisory"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1651636"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2020-36/"}], "sourceIdentifier": "security@mozilla.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "firefox: Address bar not reset when choosing to stay on a page after the beforeunload dialog is shown", "id": "1885176", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1885176"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.7", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N", "status": "draft"}, "cwe": "CWE-451", "details": ["Firefox did not reset the address bar after the beforeunload dialog was shown if the user chose to remain on the page. This could have resulted in an incorrect URL being shown when used in conjunction with other unexpected browser behaviors. This vulnerability affects Firefox < 80."], "name": "CVE-2020-15665", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Out of support scope", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 8"}], "public_date": "2020-10-05T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2020-15665\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-15665\nhttps://www.mozilla.org/security/advisories/mfsa2020-36/"], "threat_severity": "Moderate"}

{}