Awaiting Analysis
CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
Products
Firefox
- < 127
- ESR < 115.12
Source
security@mozilla.org
Tags
CVE-2024-5691 details
Published : June 11, 2024, 1:15 p.m.
Last Modified : June 11, 2024, 1:54 p.m.
Last Modified : June 11, 2024, 1:54 p.m.
Description
By tricking the browser with a `X-Frame-Options` header, a sandboxed iframe could have presented a button that, if clicked by a user, would bypass restrictions to open a new window. This vulnerability affects Firefox < 127 and Firefox ESR < 115.12.
CVSS Score
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 |
---|
Weakness
Weakness | Name | Description |
---|
References
URL | Source |
---|---|
https://bugzilla.mozilla.org/show_bug.cgi?id=1888695 | security@mozilla.org |
https://www.mozilla.org/security/advisories/mfsa2024-25/ | security@mozilla.org |
https://www.mozilla.org/security/advisories/mfsa2024-26/ | security@mozilla.org |
This website uses the NVD API, but is not approved or certified by it.