The vulnerability in the WebChannel API interface of Mozilla Firefox, Firefox ESR, and email clients Thunderbird, Thunderbird ESR, allows a perpetrator to escalate their privileges.

The vulnerability of the WebChannel API interface in browsers such as Mozilla Firefox, Firefox ESR, and email clients like Thunderbird, Thunderbird ESR, is related to authentication process flaws. Exploiting this vulnerability can allow attackers to enhance their privileges remotely...

firefox: thunderbird: WebChannel APIs susceptible to confused deputy attack

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather accepted the principal being sent. This could have led to...

firefox: thunderbird: WebChannel APIs susceptible to confused deputy attack

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather accepted the principal being sent. This could have led to...

firefox: thunderbird: WebChannel APIs susceptible to confused deputy attack

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather accepted the principal being sent. This could have led to...