6.4 Medium
AI Score
Confidence
Low
0.009 Low
EPSS
Percentile
82.4%
Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 improperly control the ability of a web worker to create a WebSocket object, which allows remote attackers to bypass intended mixed-content restrictions via crafted JavaScript code.