{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T08:25:09.512","vulnerabilities":[{"cve":{"id":"CVE-2023-6211","sourceIdentifier":"security@mozilla.org","published":"2023-11-21T15:15:08.057","lastModified":"2024-11-21T08:43:22.777","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"If an attacker needed a user to load an insecure http: page and knew that user had enabled HTTPS-only mode, the attacker could have tricked the user into clicking to grant an HTTPS-only exception if they could get the user to participate in a clicking game. This vulnerability affects Firefox < 120."},{"lang":"es","value":"Si un atacante necesitaba que un usuario cargara una página http: insegura y sabía que el usuario había habilitado el modo solo HTTPS, el atacante podría haber engañado al usuario para que hiciera clic para otorgar una excepción solo HTTPS si pudiera lograr que el usuario participara en una juego de clics. Esta vulnerabilidad afecta a Firefox &lt; 120."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-1021"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","versionEndExcluding":"120.0","matchCriteriaId":"30F5F1B5-825D-4DC4-A6F0-ED5AD1B031F2"}]}]}],"references":[{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1850200","source":"security@mozilla.org","tags":["Issue Tracking","Permissions Required"]},{"url":"https://security.gentoo.org/glsa/202401-10","source":"security@mozilla.org"},{"url":"https://www.mozilla.org/security/advisories/mfsa2023-49/","source":"security@mozilla.org","tags":["Release Notes","Vendor Advisory"]},{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1850200","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Permissions Required"]},{"url":"https://security.gentoo.org/glsa/202401-10","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.mozilla.org/security/advisories/mfsa2023-49/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Vendor Advisory"]}]}}]}