vulnerability

MFSA2024-32 Thunderbird: Security Vulnerabilities fixed in Thunderbird 128 (CVE-2024-6607)

Severity
10
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published
Jul 9, 2024
Added
Jul 17, 2024
Modified
Mar 31, 2025

Description

It was possible to prevent a user from exiting pointerlock when pressing escape and to overlay customValidity notifications from a `<select>` element over certain permission prompts. This could be used to confuse a user into giving a site unintended permissions. This vulnerability affects Firefox

Solution

mozilla-thunderbird-upgrade-128_0
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.