2 matches found
The vulnerability of the TransferFromImageBitmap method in Thunderbird email clients and Firefox and Firefox ESR browsers relates to the ability to read canvas elements, ignoring security policies that would prevent unauthorized access to information.
The vulnerability of the TransferFromImageBitmap method in Thunderbird email clients and Firefox and Firefox ESR browsers is related to the ability to read canvas elements, while ignoring security policies. Exploiting this vulnerability can allow an attacker who operates remotely to gain...
Mozilla: Stealing of cross-domain images using canvas
Images from a different domain can be read using a canvas object in some circumstances. This could be used to steal image data from a different site in violation of same-origin policy. This vulnerability affects Thunderbird 60.7, Firefox 67, and Firefox ESR 60.7...