Firefox Releases Update to Fix 10 Critical Flaws

Firefox Releases Update to Fix 10 Critical Flaws

Mozilla has announced the availability of Firefox 110 and Firefox ESR 102.8, which contain fixes for ten critical vulnerabilities. The first security flaw, identified as CVE-2023-25728, could allow an attacker to obtain the unredacted URI of a child iframe if a redirect is triggered when interacting with that iframe.

The most recent versions of Firefox also fix a problem with browser fullscreen mode-related screen hijacking. The problem, identified as CVE-2023-25730, arises from the possibility that a background script could force fullscreen mode by invoking it and then blocking the main thread.

Firefox explains in its advisory that a successful exploitation of the vulnerability could lead to user confusion or spoofing attacks.

Read More: Firefox Updates Patch 10 High-Severity Vulnerabilities

For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.