Published
Last updated
5.3
CVSS V3
The origin of an external protocol handler prompt could have been obscured using a data: URL within an iframe
. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.