When the pointer lock is enabled by a website though `requestPointerLock()`, no user notification is given. This could allow a malicious website to hijack the mouse pointer and confuse users. External Reference: https://www.mozilla.org/en-US/security/advisories/mfsa2019-31/#CVE-2019-11754
Acknowledgments: Name: the Mozilla project Upstream: Johann Hofmann
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2019-11754