ghsa-8q5j-74vg-j4hr
Vulnerability from github
Published
2024-02-20 15:31
Modified
2024-03-04 09:30
Details
A malicious website could have used a combination of exiting fullscreen mode and requestPointerLock to cause the user's mouse to be re-positioned unexpectedly, which could have led to user confusion and inadvertently granting permissions they did not intend to grant. This vulnerability affects Firefox < 123 and Firefox ESR < 115.8.
{
"affected": [],
"aliases": [
"CVE-2024-1550"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-02-20T14:15:08Z",
"severity": null
},
"details": "A malicious website could have used a combination of exiting fullscreen mode and `requestPointerLock` to cause the user\u0027s mouse to be re-positioned unexpectedly, which could have led to user confusion and inadvertently granting permissions they did not intend to grant. This vulnerability affects Firefox \u003c 123 and Firefox ESR \u003c 115.8.",
"id": "GHSA-8q5j-74vg-j4hr",
"modified": "2024-03-04T09:30:29Z",
"published": "2024-02-20T15:31:05Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-1550"
},
{
"type": "WEB",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1860065"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-05"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-06"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-07"
}
],
"schema_version": "1.4.0",
"severity": []
}
Loading...