A vulnerability has been found in Firefox before 57.0 where the security wrapper does not deny access to some exposed properties using the deprecated exposedProps mechanism on proxy objects. These properties should be explicitly unavailable to proxy objects.
A vulnerability has been found in Firefox before 57.0 where the security wrapper does not deny access to some exposed properties using the deprecated exposedProps mechanism on proxy objects. These properties should be explicitly unavailable to proxy objects.
https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7831 https://bugzilla.mozilla.org/show_bug.cgi?id=1392026