CVE-2024-11700

Malicious websites may have been able to perform user intent confirmation through tapjacking. This could have led to users unknowingly approving the launch of external applications, potentially exposing them to underlying vulnerabilities. This vulnerability affects Firefox < 133 and Thunderbird < 133.

Published: Nov 26, 2024
Updated: May 4, 2025
CVE: CVE-2024-11700
Exploit:

No technical information available.

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
mozilla / firefox	-	133.0
mozilla / thunderbird	-	133.0

https://bugzilla.mozilla.org/show_bug.cgi?id=1836921
https://www.mozilla.org/security/advisories/mfsa2024-63/
https://www.mozilla.org/security/advisories/mfsa2024-67/

Vulnerability Database

289,697

CVE-2024-11700