CVE-2024-11692
CVSS 3.1 Score 4.3 of 10 (medium)
Details
Published Nov 26, 2024
Updated: Nov 27, 2024
CWE ID 290
Summary
CVE-2024-11692 is a vulnerability that affects Firefox versions below 133 and Firefox ESR below 128.5, as well as Thunderbird versions below 133 and Thunderbird ESR below 128.5. An attacker can exploit this issue by causing a select dropdown to appear over another tab, potentially leading to user confusion and opportunities for spoofing attacks. This could allow attackers to manipulate users into making incorrect selections or divulging sensitive information.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Mozilla Thunderbird
- Mozilla Firefox
- Mozilla Firefox ESR
Affected Vendors
- Mozilla