A security issue has been found in Firefox before version 88 and Thunderbird before version 78.10. If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System Principal and granted additional privileges that should not be granted to web content.
A security issue has been found in Firefox before version 88 and Thunderbird before version 78.10. If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System Principal and granted additional privileges that should not be granted to web content.
https://www.mozilla.org/en-US/security/advisories/mfsa2021-16/#CVE-2021-23999 https://www.mozilla.org/en-US/security/advisories/mfsa2021-14/#CVE-2021-23999 https://bugzilla.mozilla.org/show_bug.cgi?id=1691153