CVE-2020-6810

Summary

After a website had entered fullscreen mode, it could have used a previously opened popup to obscure the notification that indicates the browser is in fullscreen mode. Combined with spoofing the browser chrome, this could have led to confusing the user about the current origin of the page and credential theft or other attacks. This vulnerability affects Firefox < 74.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefoxunspecified < 74affected

Weaknesses

  • Focusing a popup while in fullscreen could have obscured the fullscreen notification

ADP Enrichment

CVE Program Container

Additional References

References