After downloading a Windows `.scf` script from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system. This also had the potential to leak NTLM credentials to the resource. *This bug only affects Firefox for Windows. Other operating systems are unaffected.* External Reference: https://www.mozilla.org/en-US/security/advisories/mfsa2023-05/#CVE-2023-25740