CVE-2021-29987
CVSS v3.1
6.5 (Medium)
CVSS v2.0
4.3 (Medium)
EPSS
0.13 % (49th)
Affected Products
3
Advisories
18
After requesting multiple permissions, and closing the first permission panel, subsequent permission panels will be displayed in a different position but still record a click in the default location, making it possible to trick a user into accepting a permission they did not want to. This bug only affects Firefox on Linux. Other operating systems are unaffected.. This vulnerability affects Firefox < 91 and Thunderbird < 91.
Weaknesses
- CWE-307
- Improper Restriction of Excessive Authentication Attempts
- CVE Status
- PUBLISHED
- CNA
- Mozilla Corporation
- Published Date
-
2021-08-17 20:15:07
(3 years ago) - Updated Date
-
2022-03-16 15:13:16
(2 years ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
AND |
|
---|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...