Through a series of popup and <code>window.print()</code>...
Moderate severity
Unreviewed
Published
Dec 22, 2022
to the GitHub Advisory Database
•
Updated Apr 15, 2025
Description
Published by the National Vulnerability Database
Dec 22, 2022
Published to the GitHub Advisory Database
Dec 22, 2022
Last updated
Apr 15, 2025
Through a series of popup and
window.print()calls, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.References