Bug List

Wed Jul 17 2024 21:32:49 PDT

Keywords: csectype-clickjacking

27 bugs found.

ID	Type	Summary	Product	Comp	Assignee▲	Status▲	Resolution	Updated
1839402		Clickjacking protection for the filepicker window	Core	Security	nobody	UNCO	---	2024-06-02
1863863		PopupNotifications Clickjacking: Closing popup window activates parent window with permission popup	Toolkit	PopupNotifications a	nobody	RESO	FIXE	2024-06-02
1850200		HTTPS-Only mode bypass through clickjacking	Core	DOM: Security	maltejur	RESO	FIXE	2024-06-02
610997		Username + Password Autofill allows Forced Login via Clickjacking	Toolkit	Password Manager	nobody	RESO	FIXE	2024-06-02
867928		clickjacking certificate install dialog can add untrusted root certificate.	Core	Security: PSM	nobody	RESO	FIXE	2024-06-02
475530		X-FRAME-OPTIONS header against "UI Redressing" AKA Clickjacking	Core	DOM: Core & HTML	brandon	RESO	FIXE	2024-06-02
162020		pop up XPInstall/security dialog when user is about to click	Core	Security	dveditz	RESO	FIXE	2024-06-02
1774163		Investigate preventing clickjacking/keyboard-jacking for the new async clipboard API	Core	DOM: Copy & Paste an	echen	RESO	FIXE	2024-06-02
916726		Download "open file" dialog delay is too quick, doesn't prevent clickjacking	Core	General	felipc	RESO	FIXE	2024-06-02
1116385		Download "open file" dialog delay is too quick when it is under a popup which closes, doesn't prevent clickjacking	Toolkit	Downloads API	felipc	RESO	FIXE	2024-06-02
726264		(CVE-2012-3984) Firefox 10.0.1 : Navigation away from a page with multiple active <select> dropdown menu can be used for Spoofing And ClickJacking with XPI using window.open and geolocalisation	Core	Layout: Form Control	MatsPalmgren_bugz	RESO	FIXE	2024-06-02
1009540		WebRTC dialog can be clickjacked when SWF hides mouse cursor below it	Core	WebRTC: Audio/Video	nobody	RESO	FIXE	2024-06-02
1161886		Firefox leaves important websites vulnerables to clickjacking	Firefox	General	nobody	RESO	FIXE	2024-06-02
1424870		Clickjacking screenshot taker leads to cross origin info disclosure	Firefox	Screenshots	nobody	RESO	FIXE	2024-06-02
1866210		Clickjacking of permission prompts for camera, microphone, geolocation via full screen + location replace	Toolkit	PopupNotifications a	nobody	RESO	DUPL	2024-06-02
1866592		Clickjacking of permission prompts for camera, microphone, geolocation via full screen +window popup	Toolkit	PopupNotifications a	nobody	RESO	DUPL	2024-06-02
1830820		Queued up rendering can allow websites to clickjack	Core	DOM: Navigation	sefeng	RESO	FIXE	2024-06-02
633691		Mitigate clickjacking of about:certerror	Firefox	Security	weinjared+bmo	RESO	FIXE	2024-06-02
1826116		Clickjacking to allowed location permission (bypassing button-enable delay)	Firefox	Site Permissions	pbz	VERI	FIXE	2024-06-02
1839073		Bypass site permission clickjacking protections on Desktop by opening a new tab with window.open() and closing it after the permission timeout has expired	Toolkit	PopupNotifications a	pbz	VERI	FIXE	2024-06-02
1857430		Clickjacking of permission prompts for camera, microphone, geolocation via full screen	Firefox	Security	pbz	VERI	FIXE	2024-06-02
1863083		Clickjacking to allow permission using window.moveTo in a popup	Toolkit	PopupNotifications a	pbz	VERI	FIXE	2024-06-02
1865914		PopupNotifications clickjacking by obscuring notification via full screen exit transition	Toolkit	PopupNotifications a	pbz	VERI	FIXE	2024-06-02
1684837		requestPointerLock not called from short running user-generated event handler leads to Across Tab Website Clickjacking	Core	DOM: Events	echen	VERI	FIXE	2024-06-02
1650961		Restrict the clickjacking delay to credit card fields	Toolkit	Form Autofill	zibi	VERI	FIXE	2024-06-02
868327		Mozilla Firefox Navigation away from a page with an active <select> dropdown menu can be used for URL/SSL spoofing and ClickJacking Attacks	Core	Layout	MatsPalmgren_bugz	VERI	FIXE	2024-06-02
1273129		Firefox Navigation from a page with an active <select> dropdown menu can be used for URL/SSL spoofing and ClickJacking	Core	General	MatsPalmgren_bugz	VERI	FIXE	2024-06-02

27 bugs found.