A missing delay in popup notifications could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.
https://www.mozilla.org/security/advisories/mfsa2023-18/
https://www.mozilla.org/security/advisories/mfsa2023-17/
https://www.mozilla.org/security/advisories/mfsa2023-16/
https://security.gentoo.org/glsa/202401-10