PT-2024-6059 · Mozilla+4 · Firefox+4

Raphael

Published

2024-03-23

Updated

2025-03-14

CVE-2024-4776

CVSS v2.0

8.5

High

Vector

AV:N/AC:L/Au:N/C:N/I:P/A:C

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 126

Description The issue is related to a file dialog shown while in full-screen mode, which could result in the window remaining disabled. Additionally, there is a vulnerability associated with the failure to protect the structure of a web page, potentially allowing a remote attacker to compromise data integrity and cause a denial of service.

Recommendations For versions prior to 126, update to version 126 or later to resolve the issue. At the moment, there is no information about additional mitigation measures for this specific vulnerability.

Exploit

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

ALT-PU-2024-15839

ALT-PU-2024-7772

BDU:2024-06883

CVE-2024-4776

OESA-2025-1265

OESA-2025-1268

OPENSUSE-SU-2024:13980-1

OPENSUSE-SU-2024:14572-1

USN-6779-1

USN-6779-2

Affected Products

Alt Linux

Astra Linux

Firefox

Linuxmint

Ubuntu

PT-2024-6059 · Mozilla+4 · Firefox+4

CVE-2024-4776

Weakness Enumeration

Related Identifiers

Affected Products

References · 2093