Home

Description

Firefox Android allowed immediate interaction with permission prompts. This could be used for tapjacking. This vulnerability affects Firefox < 128.

PUBLISHED Reserved 2024-07-09 | Published 2024-07-09 | Updated 2024-09-12 | Assigner mozilla

Problem types

Firefox Android missed activation delay to prevent tapjacking

Product status

Any version before 128
affected

Credits

Shaheen Fazim

References

bugzilla.mozilla.org/show_bug.cgi?id=1836786

www.mozilla.org/security/advisories/mfsa2024-29/

cve.org (CVE-2024-6605)

nvd.nist.gov (CVE-2024-6605)

Download JSON