Security Advisory

CVE-2024-9398

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-10-01 15:13:20

Last updated 2025-03-18 19:36:14

Assigner mozilla

State PUBLISHED

Description

By checking the result of calls to `window.open` with specifically set protocol handlers, an attacker could determine if the application which implements that protocol handler is installed. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.

← Browse all CVEs View on cve.org ↗