CVE-2024-0749

CVSS v3.1 4.3 (Medium)

EPSS 0.05 % (20^th)

Affected Products 4

Advisories 33

A phishing site could have repurposed an about: dialog to show phishing content with an incorrect origin in the address bar. This vulnerability affects Firefox < 122 and Thunderbird < 115.7.

Weaknesses

CWE-346: Origin Validation Error

CVE Status: PUBLISHED
CNA: Mozilla Corporation
Published Date: 2024-01-23 14:15:38
(7 months ago)
Updated Date: 2024-02-09 02:15:08
(7 months ago)

Affected Products

Debian

Debian Linux

Mozilla

Firefox
Firefox Esr
Thunderbird

Configuration #1

	CPE23	Up To
Mozilla Firefox prior 122.0 version	cpe:2.3:a:mozilla:firefox	< 122.0
Mozilla Firefox Esr prior 115.7 version	cpe:2.3:a:mozilla:firefox_esr	< 115.7
Mozilla Thunderbird prior 115.7 version	cpe:2.3:a:mozilla:thunderbird	< 115.7

Configuration #2

		CPE23	From	Up To
	Debian Linux 10.0	cpe:2.3:o:debian:debian_linux:10.0