firefox is vulnerable to function spoofing. By displaying a form validity message in the correct location at the same time as a permission prompt (such as for geolocation), the validity message could have obscured the prompt, resulting in the user potentially being tricked into granting the permission.
bugzilla.mozilla.org/show_bug.cgi?id=1366818
lists.debian.org/debian-lts-announce/2021/12/msg00030.html
lists.debian.org/debian-lts-announce/2022/01/msg00001.html
secdb.alpinelinux.org/edge/community.yaml
security.gentoo.org/glsa/202202-03
security.gentoo.org/glsa/202208-14
www.debian.org/security/2021/dsa-5026
www.debian.org/security/2022/dsa-5034
www.mozilla.org/security/advisories/mfsa2021-48/
www.mozilla.org/security/advisories/mfsa2021-49/
www.mozilla.org/security/advisories/mfsa2021-50/