CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS
Percentile
50.1%
A race condition could have allowed bypassing the fullscreen notification
which could have lead to a fullscreen window spoof being
unnoticed.<br>This bug only affects Firefox for Windows. Other operating
systems are unaffected.. This vulnerability affects Firefox ESR < 91.5,
Firefox < 96, and Thunderbird < 91.5.
Author | Note |
---|---|
tyhicks | mozjs contains a copy of the SpiderMonkey JavaScript engine |