A malicious devtools extension could have been used to escalate privileges. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Firefox | Mozilla | * | 122.0 (excluding) |
Firefox_esr | Mozilla | * | 115.7 (excluding) |
Thunderbird | Mozilla | * | 115.7 (excluding) |