Note:
This project will be discontinued after December 13, 2021. [more]
2020-08-10
A redirected HTTP request which is observed or modified through a web extension could bypass existing CORS checks, leading to potential disclosure of cross-origin information. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1.
| Products | Ubuntu_linux, Firefox, Firefox_esr, Thunderbird, Leap |
| Type | ? (NVD-CWE-noinfo) |
| First patch | - None (likely due to unavailable code) |
| Links |
• https://www.mozilla.org/security/advisories/mfsa2020-32/
• https://www.mozilla.org/security/advisories/mfsa2020-30/ • http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00025.html • https://www.mozilla.org/security/advisories/mfsa2020-33/ • https://usn.ubuntu.com/4443-1/ |