CVE Published: 22/12/2022 |
CVE Updated: 03/08/2024 |
CVE Year: 2022 Source: mozilla |
Vendor: Mozilla |
Product: Firefox ESR Status : PUBLISHED
CVE-2022-45408 Description
Through a series of popups that reuse windowName, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.