If an attacker needed a user to load an insecure http: page and knew that user had enabled HTTPS-only mode, the attacker could have tricked the user into clicking to grant an HTTPS-only exception if they could get the user to participate in a clicking game. This vulnerability affects Firefox < 120.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Alpine | 3.18-community | noarch | firefox | = 119.0-r0 | UNKNOWN |