This vulnerability affects Firefox for Android window.open, fullscreen requests, window.name assignments, and setInterval calls. This leaked directory paths on the user's machine. This vulnerability affects Firefox for Android jar:file:/// URI instead of a moz-extension:/// URI during a load request. This vulnerability affects Firefox sourceMappingUrls could allow for navigation to external protocol links in sandboxed iframes without allow-top-navigation-to-custom-protocols. Other operating systems are unaffected, and Mozilla is unable to enumerate all affected Linux Distributions.*. *This bug only affects Firefox for Linux on certain Distributions. desktop, which can be interpreted to run attacker-controlled commands. This vulnerability affects Firefox for Android. This may have created a vulnerability relating to JavaScript-implemented sandboxes such as SES. This vulnerability affects Firefox bind function may have resulted in the incorrect realm. This vulnerability affects Firefox for iOS datalist element to obscure the address bar. Users of Firefox on these versions of macOS will be moved over to the Firefox 115 ESR and will be supported until September 2024.When opening a page in reader mode, the redirect URL could have caused attacker-controlled script to execute in a reflected Cross-Site Scripting (XSS) attack. We are ending support for macOS 10.12, 10.13 and 10.14. Users of Firefox on these versions of Windows will be moved over to the Firefox 115 ESR and will be supported until September 2024. We are ending support for Windows 7, 8 and 8.1. If you need to prevent upgrades for any reason, you can use the new AppUpdatePin policy. Users will then be automatically upgraded to the Firefox 115 ESR. There are two more planned releases of Firefox 102 ESR, and then it will go out of support on September 26, 2023. If you need to remove this behavior, you can set the preference to false using the Preferences policy. A recent change enabled revealing passwords for password fields via a context menu.The FlashPlugin policy has been removed. The UserMessaging policy had the ability to lock preferences, but it was missing from the documentation.If a preference was locked by one policy, it could be accidentally unlocked by another policy.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |