6.3 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
10.4%
The Mozilla Foundation Security Advisory describes this flaw as: By tricking the browser with a X-Frame-Options header, a sandboxed iframe could have presented a button that, if clicked by a user, would bypass restrictions to open a new window.
X-Frame-Options
bugzilla.redhat.com/show_bug.cgi?id=2291397
nvd.nist.gov/vuln/detail/CVE-2024-5691
www.cve.org/CVERecord?id=CVE-2024-5691
www.mozilla.org/en-US/security/advisories/mfsa2024-26/#CVE-2024-5691
www.mozilla.org/en-US/security/advisories/mfsa2024-28/#CVE-2024-5691