---

CVE-2021-29987 - log back

CVE-2021-29987 edited at 13 Aug 2021 08:35:20
References	https://www.mozilla.org/security/advisories/mfsa2021-33/ - https://www.mozilla.org/security/advisories/mfsa2021-33/ + https://www.mozilla.org/security/advisories/mfsa2021-36/ https://bugzilla.mozilla.org/show_bug.cgi?id=1716129

CVE-2021-29987 edited at 12 Aug 2021 07:03:23
Description	- A security issue has been found in Firefox before version 91. After requesting multiple permissions, and closing the first permission panel, subsequent permission panels will be displayed in a different position but still record a click in the default location, making it possible to trick a user into accepting a permission they did not want to. + A security issue has been found in Firefox and Thunderbird before version 91. After requesting multiple permissions, and closing the first permission panel, subsequent permission panels will be displayed in a different position but still record a click in the default location, making it possible to trick a user into accepting a permission they did not want to.
References	+ https://www.mozilla.org/security/advisories/mfsa2021-33/ https://www.mozilla.org/security/advisories/mfsa2021-33/ https://bugzilla.mozilla.org/show_bug.cgi?id=1716129

CVE-2021-29987 created at 10 Aug 2021 15:31:34
Severity	+ Medium
Remote	+ Remote
Type	+ Content spoofing
Description	+ A security issue has been found in Firefox before version 91. After requesting multiple permissions, and closing the first permission panel, subsequent permission panels will be displayed in a different position but still record a click in the default location, making it possible to trick a user into accepting a permission they did not want to.
References	+ https://www.mozilla.org/security/advisories/mfsa2021-33/ + https://bugzilla.mozilla.org/show_bug.cgi?id=1716129
Notes