When importing resources using Web Workers, error messages would distinguish the difference between application/javascript
responses and non-script responses. This could have been abused to learn information cross-origin. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.
Vendor | Product | Version | CPE |
---|---|---|---|
mozilla | firefox | * | cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* |
mozilla | firefox_esr | * | cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:* |
mozilla | thunderbird | * | cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:* |
More