CVE-2023-37210: 
NixOS vulnerability analysis and mitigation

CVE-2023-37210 is a security vulnerability discovered in Mozilla Firefox versions prior to 115. The vulnerability allows websites to prevent users from exiting full-screen mode through alert and prompt calls, potentially leading to user confusion and spoofing attacks (Mozilla Advisory, NVD).

The vulnerability has a CVSS v3.1 Base Score of 6.5 (Medium) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N. The issue specifically involves the browser's handling of full-screen mode exit functionality, where malicious websites could interfere with the user's ability to exit full-screen mode by exploiting alert and prompt calls (NVD).

The vulnerability could lead to user confusion and possible spoofing attacks by preventing users from exiting the browser's full-screen mode. This could potentially be exploited by attackers to create convincing phishing scenarios or other social engineering attacks (Mozilla Advisory).

The vulnerability was fixed in Firefox version 115. Users and administrators are advised to upgrade to Firefox 115 or later to mitigate this security issue. The fix involves reserving shortcut keys for exiting from the full-screen mode (Mozilla Advisory, Bugzilla).