By displaying a form validity message in the correct location at the same time as a permission prompt (such as for geolocation), the validity message could have obscured the prompt, resulting in the user potentially being tricked into granting the permission. External Reference: https://www.mozilla.org/en-US/security/advisories/mfsa2021-49/#CVE-2021-38508
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2021:4116 https://access.redhat.com/errata/RHSA-2021:4116
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2021:4123 https://access.redhat.com/errata/RHSA-2021:4123
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2021-38508
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Extended Update Support Via RHSA-2021:4133 https://access.redhat.com/errata/RHSA-2021:4133
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Extended Update Support Via RHSA-2021:4132 https://access.redhat.com/errata/RHSA-2021:4132
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2021:4130 https://access.redhat.com/errata/RHSA-2021:4130
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2021:4134 https://access.redhat.com/errata/RHSA-2021:4134
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Extended Update Support Via RHSA-2021:4607 https://access.redhat.com/errata/RHSA-2021:4607
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Extended Update Support Via RHSA-2021:4605 https://access.redhat.com/errata/RHSA-2021:4605