CVE-2022-26383

Summary

When resizing a popup after requesting fullscreen access, the popup would not display the fullscreen notification. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefoxunspecified < 98affected
MozillaFirefox ESRunspecified < 91.7affected
MozillaThunderbirdunspecified < 91.7affected

Weaknesses

  • Browser window spoof using fullscreen mode

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

Additional References

References