CVE-2025-11711

Medium

There was a way to change the value of JavaScript Object properties that were supposed to be non-writeable. This vulnerability was fixed in…

mozilla·CWE-591·Published 2025-10-14

CVSS

6.5

EPSS

0.00

KEV

Exploits

cve.orgen

231 chars

There was a way to change the value of JavaScript Object properties that were supposed to be non-writeable. This vulnerability was fixed in Firefox 144, Firefox ESR 115.29, Firefox ESR 140.4, Thunderbird 144, and Thunderbird 140.4.

NVDen

231 chars

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	6.5	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
3.1	Primary	cve.org	6.5	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N