CVE-2024-5698

By manipulating the fullscreen feature while opening a data-list, an attacker could have overlaid a text box over the address bar. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 127.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*

History

23 Aug 2024, 15:56

Type Values Removed Values Added
References () https://bugzilla.mozilla.org/show_bug.cgi?id=1828259 - () https://bugzilla.mozilla.org/show_bug.cgi?id=1828259 - Issue Tracking, Permissions Required
References () https://www.mozilla.org/security/advisories/mfsa2024-25/ - () https://www.mozilla.org/security/advisories/mfsa2024-25/ - Vendor Advisory
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 6.1
Summary
  • (es) Al manipular la función de pantalla completa al abrir una lista de datos, un atacante podría haber superpuesto un cuadro de texto sobre la barra de direcciones. Esto podría haber generado confusión en los usuarios y posibles ataques de suplantación de identidad. Esta vulnerabilidad afecta a Firefox &lt; 127.
CWE CWE-1021
CPE cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
First Time Mozilla firefox
Mozilla

11 Jun 2024, 13:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-06-11 13:15

Updated : 2024-08-23 15:56


NVD link : CVE-2024-5698

Mitre link : CVE-2024-5698

CVE.ORG link : CVE-2024-5698


JSON object : View

Products Affected

mozilla

  • firefox
CWE
CWE-1021

Improper Restriction of Rendered UI Layers or Frames