CVE-2024-5691

The Mozilla Foundation Security Advisory describes this flaw as: By tricking the browser with a X-Frame-Options header, a sandboxed iframe could have presented a button that, if clicked by a user, would bypass restrictions to open a new window...

CVE-2024-5691

The CVE-2024-5691 entry describes a vulnerability where an attacker could trick a sandboxed iframe using an X-Frame-Options header to present a button that, if clicked, bypasses sandbox restrictions and opens a new window. Affected products (per the provided documents) include Mozilla Firefox and...

CVE-2024-5691

By tricking the browser with a X-Frame-Options header, a sandboxed iframe could have presented a button that, if clicked by a user, would bypass restrictions to open a new window. This vulnerability affects Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12...

The vulnerability of the Firefox browser, which allows a malicious actor to circumvent window object restrictions

The Mozilla Firefox browser contains a vulnerability related to incompatibility between JavaScript components. Exploiting this vulnerability allows malicious actors to bypass window object restrictions by utilizing incompatibility in the original method-implementations of various JavaScript engin...

The vulnerability of the Mozilla SeaMonkey software package, which allows a malicious individual to circumvent window object restrictions

Mozilla SeaMonkey software contains a vulnerability related to incompatibility between JavaScript components. Exploiting this vulnerability allows malicious actors to circumvent window object restrictions by utilizing incompatibility in the original method-extractors of various JavaScript engines...

Mozilla Firefox js/src/proxy/Proxy.cpp Restriction Bypass Vulnerability

Mozilla Firefox is an open source web browser. The Mozilla Firefox js/src/proxy/Proxy.cpp file fails to properly handle the 'receiver' parameter. A remote attacker can exploit the vulnerability to bypass specific window access restrictions...