Vulnerability CVE-2024-6607
Published: 2024-07-09

Description:
It was possible to prevent a user from exiting pointerlock when pressing escape and to overlay customValidity notifications from a `&lt;select&gt;` element over certain permission prompts. This could be used to confuse a user into giving a site unintended permissions. This vulnerability affects Firefox < 128.

 References:
https://bugzilla.mozilla.org/show_bug.cgi?id=1694513
https://www.mozilla.org/security/advisories/mfsa2024-29/
Copyright 2026, cxsecurity.com

 

Back to Top