A redirected HTTP request which is observed or modified through a web extension could bypass existing CORS checks, leading to potential disclosure of cross-origin information. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla thunderbird |
||
mozilla firefox esr |
||
mozilla firefox |
||
opensuse leap 15.2 |
||
canonical ubuntu linux 18.04 |
||
canonical ubuntu linux 20.04 |
||
canonical ubuntu linux 16.04 |