CVE-2024-4768 Information

Description

A bug in popup notifications’ interaction with WebAuthn made it easier for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 126 Firefox ESR < 115.11 and Thunderbird < 115.11.

Reference

https://bugzilla.mozilla.org/show_bug.cgi?id=1886082 https://www.mozilla.org/security/advisories/mfsa2024-21/ https://www.mozilla.org/security/advisories/mfsa2024-22/ https://www.mozilla.org/security/advisories/mfsa2024-23/