CVE-2024-6610

Form validation popups could capture escape key presses. Therefore, spamming form validation messages could be used to prevent users from exiting full-screen mode. This vulnerability affects Firefox < 128 and Thunderbird < 128.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*

History

21 Nov 2024, 09:49

Type Values Removed Values Added
References () https://bugzilla.mozilla.org/show_bug.cgi?id=1883396 - Issue Tracking, Permissions Required () https://bugzilla.mozilla.org/show_bug.cgi?id=1883396 - Issue Tracking, Permissions Required
References () https://www.mozilla.org/security/advisories/mfsa2024-29/ - Vendor Advisory () https://www.mozilla.org/security/advisories/mfsa2024-29/ - Vendor Advisory
References () https://www.mozilla.org/security/advisories/mfsa2024-32/ - Vendor Advisory () https://www.mozilla.org/security/advisories/mfsa2024-32/ - Vendor Advisory

29 Aug 2024, 18:22

Type Values Removed Values Added
References () https://bugzilla.mozilla.org/show_bug.cgi?id=1883396 - () https://bugzilla.mozilla.org/show_bug.cgi?id=1883396 - Issue Tracking, Permissions Required
References () https://www.mozilla.org/security/advisories/mfsa2024-29/ - () https://www.mozilla.org/security/advisories/mfsa2024-29/ - Vendor Advisory
References () https://www.mozilla.org/security/advisories/mfsa2024-32/ - () https://www.mozilla.org/security/advisories/mfsa2024-32/ - Vendor Advisory
CWE NVD-CWE-noinfo
CPE cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
First Time Mozilla
Mozilla thunderbird
Mozilla firefox
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 4.3

16 Jul 2024, 18:15

Type Values Removed Values Added
References
  • () https://www.mozilla.org/security/advisories/mfsa2024-32/ -
Summary
  • (es) Las ventanas emergentes de validación de formularios podrían capturar las pulsaciones de la tecla de escape. Por lo tanto, se podrían utilizar mensajes de validación de formularios de spam para evitar que los usuarios salgan del modo de pantalla completa. Esta vulnerabilidad afecta a Firefox &lt; 128.
Summary (en) Form validation popups could capture escape key presses. Therefore, spamming form validation messages could be used to prevent users from exiting full-screen mode. This vulnerability affects Firefox < 128. (en) Form validation popups could capture escape key presses. Therefore, spamming form validation messages could be used to prevent users from exiting full-screen mode. This vulnerability affects Firefox < 128 and Thunderbird < 128.

09 Jul 2024, 15:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-07-09 15:15

Updated : 2024-11-21 09:49


NVD link : CVE-2024-6610

Mitre link : CVE-2024-6610

CVE.ORG link : CVE-2024-6610


JSON object : View

Products Affected

mozilla

  • firefox
  • thunderbird