A duplicate SystemPrincipal object could be created when parsing a non-system html document via DOMParser::ParseFromSafeString. This could have lead to bypassing web security checks. This vulnerability affects Firefox < 109.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Firefox | Mozilla | * | 109.0 (excluding) |