A website could have obscured the full screen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 116, Firefox ESR < 115.2, and Thunderbird < 115.2.
Un sitio web podría haber oscurecido la notificación en pantalla completa utilizando una URL con un esquema manejado por un programa externo, como una URL de correo. Esto podría haber generado confusión en los usuarios y posibles ataques de suplantación de identidad. Esta vulnerabilidad afecta a Firefox < 116, Firefox ESR < 115.2 y Thunderbird < 115.2.
The Mozilla Foundation Security Advisory describes this flaw as:
A website could have obscured the full screen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks.
