CVE-2024-8388

NVD Published Date: September 03, 2024 at 01:15 PM
NVD Last Modified: September 04, 2024 at 03:49 PM
Download Patch
Vulnerability ID
CVE-2024-8388
Severity
MEDIUM
Severity Score
5.3
Summary
Multiple prompts and panels from both Firefox and the Android OS could be used to obscure the notification announcing the transition to fullscreen mode after the fix for CVE-2023-6870 in Firefox 121. This could lead to spoofing the browser UI if the sudden appearance of the prompt distracted the user from noticing the visual transition happening behind the prompt. These notifications now use the Android Toast feature. *This bug only affects Firefox on Android. Other operating systems are unaffected.* This vulnerability affects Firefox < 130.
Mitigation and Patches
-
Exploits
-
Metasploit Payload
-
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CWE ID
NVD-CWE-noinfo

Recent Publish

CVE-2024-8389

CVE-2024-8383

CVE-2024-6232

2024-01 Cumulative Update for Windows 10 Version 21H2 for x86-based Systems (KB5034122)

2024-01 Cumulative Update for Windows 10 Version 21H2 for x64-based Systems (KB5034122)

2024-01 Dynamic Cumulative Update for Windows 10 Version 21H2 for x86-based Systems (KB5034122)

See SecOps Solution
in action

Schedule Demo