{"id":"CVE-2024-1550","details":"A malicious website could have used a combination of exiting fullscreen mode and `requestPointerLock` to cause the user's mouse to be re-positioned unexpectedly, which could have led to user confusion and inadvertently granting permissions they did not intend to grant. This vulnerability affects Firefox \u003c 123, Firefox ESR \u003c 115.8, and Thunderbird \u003c 115.8.","modified":"2026-04-16T04:35:42.987454167Z","published":"2024-02-20T14:15:08.733Z","related":["ALSA-2024:0952","ALSA-2024:0955","ALSA-2024:0963","ALSA-2024:0964","CGA-w32p-g8hr-xg8v","SUSE-SU-2024:0580-1","SUSE-SU-2024:0607-1","SUSE-SU-2024:0608-1","SUSE-SU-2024:1002-1","openSUSE-SU-2024:13711-1","openSUSE-SU-2024:13728-1","openSUSE-SU-2024:14572-1"],"references":[{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2024-05/"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2024-06/"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2024-07/"},{"type":"REPORT","url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1860065"},{"type":"ARTICLE","url":"https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-1550.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"115.8.0"}]},{"events":[{"introduced":"0"},{"fixed":"123.0"}]},{"events":[{"introduced":"0"},{"fixed":"115.8.0"}]},{"events":[{"introduced":"0"},{"last_affected":"10.0"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}