QwikSec

Security Database

CVE

CWE

Training

CVE-2024-1547

Published: Feb 20, 2024

Modified: Mar 28, 2025

PUBLISHED

Description

Through a series of API calls and redirects, an attacker-controlled alert dialog could have been displayed on another website (with the victim website's URL shown). This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8.

Vendor	Product	Versions
Mozilla	Firefox	affected `unspecified - < 123`
Mozilla	Firefox ESR	affected `unspecified - < 115.8`
Mozilla	Thunderbird	affected `unspecified - < 115.8`

References

https://bugzilla.mozilla.org/show_bug.cgi?id=1877879

https://www.mozilla.org/security/advisories/mfsa2024-05/

https://www.mozilla.org/security/advisories/mfsa2024-06/

https://www.mozilla.org/security/advisories/mfsa2024-07/

https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html

https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.