CVE-2024-8382

NVD Published Date: September 03, 2024 at 01:15 PM
NVD Last Modified: September 06, 2024 at 05:15 PM
Download Patch
Vulnerability ID
CVE-2024-8382
Severity
HIGH
Severity Score
8.8
Summary
Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Web content that tried to use those interfaces would not be able to use them with elevated privileges, but their presence would indicate certain browser features had been used, such as when a user opened the Dev Tools console. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, Firefox ESR < 115.15, Thunderbird < 128.2, and Thunderbird < 115.15.
Exploits
-
Metasploit Payload
-
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE ID
NVD-CWE-noinfo

Recent Publish

CVE-2024-8384

CVE-2024-8385

CVE-2024-8387

CVE-2024-8388

CVE-2024-8389

CVE-2024-8383

See SecOps Solution
in action

Schedule Demo