Form validation popups could capture escape key presses. Therefore, spamming form validation messages could be used to prevent users from exiting full-screen mode. This vulnerability affects Firefox < 128 and Thunderbird < 128.CreditsRaphaelReferenceshttps://bugzilla.mozilla.org/show_bug.cgi?id=1883396https://www.mozilla.org/security/advisories/mfsa2024-29/https://www.mozilla.org/security/advisories/mfsa2024-32/
