A shared worker created from a "data:" URL in one tab can be shared by another tab with a different origin, bypassing the same-origin policy. This vulnerability affects Firefox < 59.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
canonical ubuntu linux 16.04 |
||
canonical ubuntu linux 17.10 |
||
canonical ubuntu linux 14.04 |
||
mozilla firefox |