Missing fullscreen and pointer lock notification when requesting both - CVE-2021-43538ID: oval:org.secpod.oval:def:76323 | Date: (C)2021-12-08 (M)2024-03-27 |
Class: VULNERABILITY | Family: windows |
Mozilla Firefox 95, Mozilla Firefox ESR 91.4, Mozilla Thunderbird 91.4 : By misusing a race in our notification code, an attacker could have forcefully hidden the notification for pages that had received full screen and pointer lock access, which could have been used for spoofing attacks.
Platform: |
Microsoft Windows Server 2008 |
Microsoft Windows 7 |
Microsoft Windows 8.1 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Server 2012 |
Microsoft Windows Server 2016 |
Microsoft Windows Server 2019 |
Microsoft Windows Server 2012 R2 |
Microsoft Windows 10 |
Microsoft Windows Server |
Microsoft Windows Server 2022 |
Microsoft Windows 11 |
Product: |
Mozilla Firefox |
Mozilla Firefox ESR |
Mozilla Thunderbird |