CVE-2024-10458

High

A permission leak could have occurred from a trusted site to an untrusted site via `embed` or `object` elements. This vulnerability affects…

mozilla·CWE-281·Published 2024-10-29

CVSS

7.5

EPSS

0.01

KEV

Exploits

cve.orgen

241 chars

A permission leak could have occurred from a trusted site to an untrusted site via `embed` or `object` elements. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4, and Thunderbird < 132.

NVDen

241 chars

NVDes

282 chars

Podría haberse producido una fuga de permisos desde un sitio de confianza a un sitio que no lo es a través de elementos `embed` u `object`. Esta vulnerabilidad afecta a Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4 y Thunderbird < 132.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	NVD	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
3.1	Primary	cve.org	6.5	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N