{ "id": "CVE-2024-1550", "sourceIdentifier": "security@mozilla.org", "published": "2024-02-20T14:15:08.733", "lastModified": "2024-03-04T09:15:37.870", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A malicious website could have used a combination of exiting fullscreen mode and `requestPointerLock` to cause the user's mouse to be re-positioned unexpectedly, which could have led to user confusion and inadvertently granting permissions they did not intend to grant. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8." }, { "lang": "es", "value": "Un sitio web malicioso podr\u00eda haber utilizado una combinaci\u00f3n de salir del modo de pantalla completa y `requestPointerLock` para provocar que el mouse del usuario se reposicionara inesperadamente, lo que podr\u00eda haber llevado a confusi\u00f3n al usuario y haber otorgado permisos sin darse cuenta que no ten\u00eda intenci\u00f3n de otorgar. Esta vulnerabilidad afecta a Firefox < 123, Firefox ESR < 115.8 y Thunderbird < 115.8." } ], "metrics": {}, "references": [ { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1860065", "source": "security@mozilla.org" }, { "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html", "source": "security@mozilla.org" }, { "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html", "source": "security@mozilla.org" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2024-05/", "source": "security@mozilla.org" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2024-06/", "source": "security@mozilla.org" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2024-07/", "source": "security@mozilla.org" } ] }