CVE-2022-45418

Summary

If a custom mouse cursor is specified in CSS, under certain circumstances the cursor could have been drawn over the browser UI, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefox ESRunspecified < 102.5affected
MozillaThunderbirdunspecified < 102.5affected
MozillaFirefoxunspecified < 107affected

Weaknesses

  • Custom mouse cursor could have been drawn over browser UI

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

Additional References

References