Lucene search

K
nvd[email protected]NVD:CVE-2022-22743
HistoryDec 22, 2022 - 8:15 p.m.

CVE-2022-22743

2022-12-2220:15:15
web.nvd.nist.gov
cve-2022-22743
browser
fullscreen
vulnerability

4.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

0.001 Low

EPSS

Percentile

39.5%

When navigating from inside an iframe while requesting fullscreen access, an attacker-controlled tab could have made the browser unable to leave fullscreen mode. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.

Affected configurations

NVD
Node
mozillafirefoxRange<96.0
OR
mozillafirefox_esrRange<91.5
OR
mozillathunderbirdRange<91.5

4.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

0.001 Low

EPSS

Percentile

39.5%