CVE-2024-2609

MEDIUM Year: 2024
CVSS v3 Score
6.1
Medium
Weakness Type
CWE-356
View all →

Vulnerability Description

The permission prompt input delay could expire while the window is not in focus. This makes it vulnerable to clickjacking by malicious websites. This vulnerability affects Firefox < 124, Firefox ESR < 115.10, and Thunderbird < 115.10.

Related Vulnerabilities

CVE-2018-10595

MEDIUM
CVSS:6.3(Medium)

A vulnerability in ReadA version 1.1.0.2 and previous allows an authorized user with access to a privileged account on a BD Kiestra system (Kiestra TLA, Kiestra WCA, and InoqulA+ specimen processor) t...

CWE-3562018

CVE-2024-3044

MEDIUM
CVSS:6.5(Medium)

Unchecked script execution in Graphic on-click binding in affected LibreOffice versions allows an attacker to create a document which without prompt will execute scripts built-into LibreOffice on clic...

CWE-3562024

CVE-2018-10593

MEDIUM
CVSS:5.6(Medium)

A vulnerability in DB Manager version 3.0.1.0 and previous and PerformA version 3.0.0.0 and previous allows an authorized user with access to a privileged account on a BD Kiestra system (Kiestra TLA, ...

CWE-3562018

CVE-2024-4187

LOW
CVSS:5.4(Medium)

Stored XSS vulnerability has been discovered in OpenTextâ„¢ Filr product, affecting versions 24.1.1 and 24.2. The vulnerability could cause users to not be warned when clicking links to external sites.

CWE-3562024

CVE-2025-31334

MEDIUM
CVSS:6.8(Medium)

Issue that bypasses the "Mark of the Web" security warning function for files when opening a symbolic link that points to an executable file exists in WinRAR versions prior to 7.11. If a symbolic link...

CWE-3562025