Cross-Site Scripting (XSS) Vulnerability in Firefox, Firefox ESR, and Thunderbird

Cross-Site Scripting (XSS) Vulnerability in Firefox, Firefox ESR, and Thunderbird

CVE-2024-1547 · Severity

Through a series of API calls and redirects, an attacker-controlled alert dialog could have been displayed on another website (with the victim website's URL shown). This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8.

Learn more about our Web App Pen Testing.