CVE-2024-8386
CVSS 3.1 Score 6.1 of 10 (medium)
Details
Summary
CVE-2024-8386 is a vulnerability that can lead to spoofing attacks by allowing Select elements from one site to appear over another if a site has permission to open popup windows. This issue affects versions of Firefox earlier than 130, as well as Firefox ESR versions prior to 128.2, in addition to Thunderbird versions below 128.2. Organizations can mitigate this risk by updating affected products to their latest versions. The vulnerability poses a medium threat level, requiring user interaction and presenting a low impact on integrity and confidentiality. Users are advised to follow remediation steps outlined in Mozilla's security advisories for updated software versions.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.