Mozilla Patches High-Risk Firefox, Thunderbird Security Flaws


Of the newly patched security flaws, nine are rated high-severity while six carry a “medium-severity” rating.

The most important of these issues is CVE-2022-22746, a race condition leading to the bypass of full-screen notification on Windows machines.

Next in line is CVE-2022-22743, another fullscreen spoof, this time affecting the browser window. The bug could allow an attacker-controlled tab to prevent the browser from leaving fullscreen mode when the user navigates from inside an iframe.