CVE-2023-6867
CVSS v3.1
6.1 (Medium)
EPSS
0.05 % (22th)
Affected Products
3
Advisories
19
The timing of a button click causing a popup to disappear was approximately the same length as the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the permission grant button would be about to appear. This vulnerability affects Firefox ESR < 115.6 and Firefox < 121.
Weaknesses
- CWE-1021
- Improper Restriction of Rendered UI Layers or Frames
- CVE Status
- PUBLISHED
- CNA
- Mozilla Corporation
- Published Date
-
2023-12-19 14:15:07
(9 months ago) - Updated Date
-
2024-02-02 02:35:33
(7 months ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...