QwikSec

Security Database

CVE

CWE

Training

CVE-2024-9392

Published: Oct 1, 2024

Modified: Nov 3, 2025

PUBLISHED

Description

A compromised content process could have allowed for the arbitrary loading of cross-origin pages. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131.

Vendor	Product	Versions
Mozilla	Firefox	affected `unspecified - < 131`
Mozilla	Firefox ESR	affected `unspecified - < 128.3`
Mozilla	Firefox ESR	affected `unspecified - < 115.16`
Mozilla	Thunderbird	affected `unspecified - < 128.3`
Mozilla	Thunderbird	affected `unspecified - < 131`

References

https://bugzilla.mozilla.org/show_bug.cgi?id=1899154

https://bugzilla.mozilla.org/show_bug.cgi?id=1905843

https://www.mozilla.org/security/advisories/mfsa2024-46/

https://www.mozilla.org/security/advisories/mfsa2024-47/

https://www.mozilla.org/security/advisories/mfsa2024-48/

https://www.mozilla.org/security/advisories/mfsa2024-49/

https://www.mozilla.org/security/advisories/mfsa2024-50/

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.