A redirected HTTP request which is observed or modified through a web extension could bypass existing CORS checks, leading to potential disclosure of cross-origin information. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Firefox | Mozilla | * | 79.0 (excluding) |
Firefox_esr | Mozilla | * | 78.1 (excluding) |
Thunderbird | Mozilla | * | 78.1 (excluding) |