Through a series of navigations, Firefox could have entered fullscreen mode without notification or warning to the user. This could lead to spoofing attacks on the browser UI including phishing. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mozilla
Published: 2021-12-08T21:21:47
Updated: 2024-08-04T01:44:22.919Z
Reserved: 2021-08-10T00:00:00
Link: CVE-2021-38506
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2021-12-08T22:15:08.897
Modified: 2022-12-09T15:31:26.187
Link: CVE-2021-38506
Redhat