Mozilla has announced the availability of Firefox 110 and Firefox ESR 102.8, which contain fixes for ten critical vulnerabilities. The first security flaw, identified as CVE-2023-25728, could allow an attacker to obtain the unredacted URI of a child iframe if a redirect is triggered when interacting with that iframe.
The most recent versions of Firefox also fix a problem with browser fullscreen mode-related screen hijacking. The problem, identified as CVE-2023-25730, arises from the possibility that a background script could force fullscreen mode by invoking it and then blocking the main thread.
Firefox explains in its advisory that a successful exploitation of the vulnerability could lead to user confusion or spoofing attacks.
Read More: Firefox Updates Patch 10 High-Severity Vulnerabilities
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.
