CVE-2023-25729 — Permission prompts for opening external schemes were only shown for ContentPrincipals resulting in extensions being able to open them without user interaction via ExpandedPrincipals. This could lead t — CVE Database · The Intelligence Room