Today > vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-5691

June 11, 2024, 1:54 p.m.

Tags

security@mozilla.org
2024-06-11
CVE-2024-5691

Product(s) Impacted

Firefox

  • < 127
  • ESR < 115.12

Description

By tricking the browser with a `X-Frame-Options` header, a sandboxed iframe could have presented a button that, if clicked by a user, would bypass restrictions to open a new window. This vulnerability affects Firefox < 127 and Firefox ESR < 115.12.

Weaknesses

Date

Published: June 11, 2024, 1:15 p.m.

Last Modified: June 11, 2024, 1:54 p.m.

Status : Awaiting Analysis

CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.

More info

Source

security@mozilla.org

References

https://bugzilla.mozilla.org/ security@mozilla.org
https://www.mozilla.org/ security@mozilla.org
https://www.mozilla.org/ security@mozilla.org