A security issue has been found in Firefox versions prior to 63.0, where a WebExtension can run content scripts in disallowed contexts following navigation or other events. This allows for potential privilege escalation by the WebExtension on sites where content scripts should not be run.
A security issue has been found in Firefox versions prior to 63.0, where a WebExtension can run content scripts in disallowed contexts following navigation or other events. This allows for potential privilege escalation by the WebExtension on sites where content scripts should not be run.
https://www.mozilla.org/en-US/security/advisories/mfsa2018-26/#CVE-2018-12396 https://bugzilla.mozilla.org/show_bug.cgi?id=1483602