A malicious installed WebExtension could open arbitrary URLs, which under the right circumstance could be leveraged to collect sensitive user data. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Firefox | Mozilla | * | 119.0 (excluding) |
Firefox_esr | Mozilla | * | 115.4 (excluding) |
Thunderbird | Mozilla | * | 115.4.1 (excluding) |