We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.
Reserved 2023-08-01 | Published 2023-08-01 | Updated 2024-10-22 | Assigner mozillaPotential permissions request bypass via clickjacking
Axel Chong (@Haxatron)
bugzilla.mozilla.org/show_bug.cgi?id=1839073
www.mozilla.org/security/advisories/mfsa2023-29/
www.mozilla.org/security/advisories/mfsa2023-30/
www.mozilla.org/security/advisories/mfsa2023-31/
www.debian.org/security/2023/dsa-5464
www.debian.org/security/2023/dsa-5469
lists.debian.org/debian-lts-announce/2023/08/msg00008.html
lists.debian.org/debian-lts-announce/2023/08/msg00010.html
Support options
