CVE-2022-31738

medium

Description

When exiting fullscreen mode, an iframe could have confused the browser about the current state of fullscreen, resulting in potential user confusion or spoofing attacks. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.

References

https://www.mozilla.org/security/advisories/mfsa2022-20/

https://bugzilla.mozilla.org/show_bug.cgi?id=1756388

https://www.mozilla.org/security/advisories/mfsa2022-22/

https://www.mozilla.org/security/advisories/mfsa2022-21/

Details

Source: MITRE

Published: 2022-12-22

Updated: 2023-01-03

Type: CWE-290