{"id":"CVE-2022-45408","details":"Through a series of popups that reuse windowName, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR \u003c 102.5, Thunderbird \u003c 102.5, and Firefox \u003c 107.","modified":"2026-03-14T11:57:26.616826Z","published":"2022-12-22T20:15:42.633Z","related":["ALSA-2022:8547","ALSA-2022:8554","ALSA-2022:8561","ALSA-2022:8580","MGASA-2022-0427","MGASA-2022-0428","SUSE-SU-2022:4058-1","SUSE-SU-2022:4083-1","SUSE-SU-2022:4085-1","SUSE-SU-2022:4247-1","openSUSE-SU-2024:12518-1","openSUSE-SU-2024:12519-1","openSUSE-SU-2024:12532-1","openSUSE-SU-2024:14572-1"],"references":[{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2022-47/"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2022-48/"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2022-49/"},{"type":"REPORT","url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1793829"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-45408.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"107.0"}]},{"events":[{"introduced":"0"},{"fixed":"102.5"}]},{"events":[{"introduced":"0"},{"fixed":"102.5"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}]}