ГлавнаяУязвимости → CVE-2024-11700
8.1высокая

CVE-2024-11700

→ есть в БДУ: BDU:2025-00199 (на русском)
Описание (на английском; русское — в БДУ выше)

Malicious websites may have been able to perform user intent confirmation through tapjacking. This could have led to users unknowingly approving the launch of external applications, potentially exposing them to underlying vulnerabilities. This vulnerability affects Firefox < 133 and Thunderbird < 133.

Затрагиваемое ПО
Mozilla FirefoxMozilla Thunderbird
CVSS
Балл8.1 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
Источники
https://bugzilla.mozilla.org/show_bug.cgi?id=1836921https://www.mozilla.org/security/advisories/mfsa2024-63/https://www.mozilla.org/security/advisories/mfsa2024-67/