A website could have obscured the fullscreen notification by using a combination of window.open, fullscreen requests, window.name assignments, and setInterval calls. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 112, Focus for Android < 112, Firefox ESR < 102.10, Firefox for Android < 112, and Thunderbird < 102.10.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Firefox | Mozilla | * | 112.0 (excluding) |
Firefox_esr | Mozilla | * | 102.10 (excluding) |
Focus | Mozilla | * | 112.0 (excluding) |
Thunderbird | Mozilla | * | 102.10 (excluding) |