Back to search
CVE-2021-29987
Published: Aug 17, 2021
Modified: Aug 3, 2024
PUBLISHED
Description
After requesting multiple permissions, and closing the first permission panel, subsequent permission panels will be displayed in a different position but still record a click in the default location, making it possible to trick a user into accepting a permission they did not want to. *This bug only affects Firefox on Linux. Other operating systems are unaffected.*. This vulnerability affects Firefox < 91 and Thunderbird < 91.
| Vendor | Product | Versions |
|---|---|---|
Mozilla | Firefox | affected unspecified - < 91 |
Mozilla | Thunderbird | affected unspecified - < 91 |
References
https://www.mozilla.org/security/advisories/mfsa2021-33/
x_refsource_MISC
https://www.mozilla.org/security/advisories/mfsa2021-36/
x_refsource_MISC
https://bugzilla.mozilla.org/show_bug.cgi?id=1716129
x_refsource_MISC
GLSA-202202-03
vendor-advisory
x_refsource_GENTOO
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now