CVE-2020-6810 - log back

CVE-2020-6810 edited at 11 Mar 2020 10:57:30
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Remote
Type
- Unknown
+ Content spoofing
Description
+ A security issue has been found in Firefox before 74 where, after a website had entered fullscreen mode, it could have used a previously opened popup to obscure the notification that indicates the browser is in fullscreen mode. Combined with spoofing the browser chrome, this could have led to confusing the user about the current origin of the page and credential theft or other attacks.
References
+ https://www.mozilla.org/en-US/security/advisories/mfsa2020-08/#CVE-2020-6810
+ https://bugzilla.mozilla.org/show_bug.cgi?id=1432856
Notes
CVE-2020-6810 created at 11 Mar 2020 10:25:09