Bignis

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 67 **Description** A custom cursor defined by scripting on a site can position itself over the address bar to spoof the actual cursor when it should not be allowed outside of the primary web content area. This could be used by a malicious site to trick users into clicking on permission prompts, doorhanger notifications, or other buttons inadvertently if the location is spoofed over the user interface. The issue is related to an error in determining the user cursor, which can be located over the address bar. **Recommendations** For versions prior to 67, update to version 67 or later to resolve the issue. As a temporary workaround, consider avoiding sites that use custom cursors or restricting the use of scripting on untrusted sites until the issue is resolved.