An unspecified flaw exists in the JavaScript Engine component of Mozilla Firefox. The vulnerability could allow an attacker to influence script execution or the handling of JavaScript code, potentially affecting confidentiality, integrity, or availability of the affected system. The CVE description confirms only that a fix was applied in Firefox 150.0.3.

Mozilla Firefox installations running any version older than 150.0.3 are affected. No additional product or vendor specificity is provided.

The CVSS score is not available, and the EPSS score is missing, indicating that the severity and exploit probability are unknown from the public data. The vulnerability is not listed in CISA's KEV catalog, reducing evidence of active exploitation. The likely attack vector is inferred to be web-based or browser-context attacks that deliver malicious JavaScript, but no explicit attack path is documented in the description. Without concrete exploitation evidence, the risk is judged to be uncertain but potentially significant for vulnerable browsers.