Kestrel

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 122 Thunderbird versions prior to 115.7 **Description** The issue is related to a spoofing attack, where a phishing site could repurpose an `about:` dialog to show phishing content with an incorrect origin in the address bar. This is due to insufficient access control in Mozilla Firefox, Firefox ESR, and the Thunderbird email client, which may allow a remote attacker to conduct spoofing attacks. **Recommendations** For Mozilla Firefox versions prior to 122, update to version 122 or later to resolve the issue. For Thunderbird versions prior to 115.7, update to version 115.7 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 76 **Description** A logic flaw in the location bar implementation could have allowed a local attacker to spoof the current location by selecting a different origin and removing focus from the `input` element. **Recommendations** For versions prior to 76, update to version 76 or later to resolve the issue. As a temporary workaround, consider restricting access to the location bar implementation until a patch is available.

Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 64 Description: The issue is related to WebExtension content scripts being loaded into about: pages under certain circumstances, contrary to the permissions granted to extensions. This could enable an extension to interfere with the loading and usage of these pages, utilizing capabilities intended to be restricted. Recommendations: For versions prior to 64, update to version 64 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 56 **Description** The issue is related to the WebExtensions module in Mozilla Firefox, which has an insufficient input validation mechanism. This allows an attacker to potentially gain unauthorized access to protected information by exploiting the vulnerability. The vulnerability could be used to load a privileged "about:" URL in the extension UI, bypassing security checks. **Recommendations** For versions prior to 56, update to a version that contains a fix for this issue to prevent exploitation. As a temporary workaround, consider restricting the use of WebExtensions that could potentially load privileged URLs in the extension UI.