CVE Vulnerabilities

CVE-2024-0749

Origin Validation Error

Published: Jan 23, 2024 | Modified: Feb 09, 2024
CVSS 3.x
4.3
MEDIUM
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

A phishing site could have repurposed an about: dialog to show phishing content with an incorrect origin in the address bar. This vulnerability affects Firefox < 122 and Thunderbird < 115.7.

Weakness

The product does not properly verify that the source of data or communication is valid.

Affected Software

Name Vendor Start Version End Version
Firefox Mozilla * *
Firefox_esr Mozilla * *
Thunderbird Mozilla * *

References