{"id":"CVE-2023-5727","details":"The executable file warning was not presented when downloading .msix, .msixbundle, .appx, and .appxbundle files, which can run commands on a user's computer.  \n*Note: This issue only affected Windows operating systems. Other operating systems are unaffected.* This vulnerability affects Firefox \u003c 119, Firefox ESR \u003c 115.4, and Thunderbird \u003c 115.4.1.","modified":"2026-03-14T12:23:19.591643Z","published":"2023-10-25T18:17:44.263Z","related":["SUSE-SU-2023:4212-1","SUSE-SU-2023:4213-1","SUSE-SU-2023:4214-1","SUSE-SU-2023:4302-1","SUSE-SU-2023:4532-1","SUSE-SU-2023:4533-1","SUSE-SU-2023:4551-1","openSUSE-SU-2024:13356-1","openSUSE-SU-2024:13385-1","openSUSE-SU-2024:13412-1","openSUSE-SU-2024:14572-1"],"references":[{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2023-45/"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2023-46/"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2023-47/"},{"type":"REPORT","url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1847180"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"119.0"}]},{"events":[{"introduced":"0"},{"fixed":"115.4"}]},{"events":[{"introduced":"0"},{"fixed":"115.4.1"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-5727.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}]}