Tor Browser up to and including 8.5.3 has an information exposure vulnerability. It allows remote malicious users to detect the browser's language via vectors involving an IFRAME element, because text in that language is included in the title attribute of a LINK element for a non-HTML page. This is related to a behavior of Firefox prior to 68.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
torproject tor browser |