Home > Vulnerability Database > CVE-2024-9391

Mend.io Vulnerability Database

CVE-2024-9391

Date: October 1, 2024

A user who enables full-screen mode on a specially crafted web page could potentially be prevented from exiting full screen mode. This may allow spoofing of other sites as the address bar is no longer visible. This bug only affects Firefox Focus for Android. Other versions of Firefox are unaffected. This vulnerability affects Firefox < 131.

Language: KOTLIN

Severity Score

6.5

Related Resources (4)

Url: https://www.mozilla.org/security/advisories/mfsa2024-46/

Url: https://bugzilla.mozilla.org/show_bug.cgi?id=1892407

Url: https://nvd.nist.gov/vuln/detail/CVE-2024-9391

Url: https://www.mend.io/vulnerability-database/CVE-2024-9391

Severity Score

6.5

Weakness Type (CWE)

Authentication Bypass by Spoofing

CWE-290

CVSS v3.1

Base Score:	6.5
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2024-9391

Date: October 1, 2024

Language: KOTLIN

Severity Score

Related Resources (4)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?