When a Web Extension had the all-urls permission and made a fetch request with a mode set to same-origin, it was possible for the Web Extension to read local files. This vulnerability affects Firefox < 74.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Firefox | Mozilla | * | 74.0 (excluding) |