Home > Vulnerability Database > CVE-2024-11700

Mend.io Vulnerability Database

CVE-2024-11700

Date: November 26, 2024

Malicious websites may have been able to perform user intent confirmation through tapjacking. This could have led to users unknowingly approving the launch of external applications, potentially exposing them to underlying vulnerabilities. This vulnerability affects Firefox < 133 and Thunderbird < 133.

Language: C

Severity Score

8.1

Related Resources (5)

Url: https://bugzilla.mozilla.org/show_bug.cgi?id=1836921

Url: https://www.mozilla.org/security/advisories/mfsa2024-63/

Url: https://nvd.nist.gov/vuln/detail/CVE-2024-11700

Url: https://www.mozilla.org/security/advisories/mfsa2024-67/

Url: https://www.mend.io/vulnerability-database/CVE-2024-11700

Severity Score

8.1

Weakness Type (CWE)

Improper Restriction of Rendered UI Layers or Frames

CWE-1021

CVSS v3.1

Base Score:	8.1
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	REQUIRED
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2024-11700

Date: November 26, 2024

Language: C

Severity Score

Related Resources (5)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?