CVE-2024-8382
Published: Sep 3, 2024
Modified: Nov 4, 2025
Description
Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Web content that tried to use those interfaces would not be able to use them with elevated privileges, but their presence would indicate certain browser features had been used, such as when a user opened the Dev Tools console. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, Firefox ESR < 115.15, Thunderbird < 128.2, and Thunderbird < 115.15.
| Vendor | Product | Versions |
|---|---|---|
Mozilla | Firefox | affected unspecified - < 130 |
Mozilla | Firefox ESR | affected unspecified - < 128.2 |
Mozilla | Firefox ESR | affected unspecified - < 115.15 |
Mozilla | Thunderbird | affected unspecified - < 128.2 |
Mozilla | Thunderbird | affected unspecified - < 115.15 |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now