CVE-2024-7518

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Aug 6, 2024
Updated: Oct 29, 2024
CWE ID 1021

Summary

CVE-2024-7518 is a vulnerability affecting Firefox versions below 129, Firefox ESR below 128.1, and Thunderbird below 128.1. Malicious websites can exploit this issue by obscuring the fullscreen notification dialog with certain options. This could lead to spoofing attacks, as users may not be able to properly verify the authenticity of the notification or its source. The vulnerability lies in the way these browsers handle certain options within the fullscreen notification dialog. Users are advised to update their browsers to the latest versions to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share