VDB

CISA-2024-6608

CISA-2024-6608 PUBLISHED CVSS 4.3 MEDIUM

Reported by mozilla · Published July 9, 2024

It was possible to move the cursor using pointerlock from an iframe. This allowed moving the cursor outside of the viewport and the Firefox window. This vulnerability affects Firefox < 128 and Thunderbird < 128.

Risk Scores

CVSS 3.1
4.3
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Affected Products

VendorProductVersions
MozillaFirefoxunspecified
MozillaThunderbirdunspecified
MozillaFirefoxunspecified, unspecified
MozillaThunderbirdunspecified, unspecified

Timeline

  • Jul 9, 2024 CVE Published
  • Oct 30, 2025 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›