CVE-2019-11765
Summary: CVE-2019-11765 affects Firefox versions before 70.0. A compromised content process could send a message to the parent process to show the Click to Play permission prompt. Due to insufficient validation by the parent, if the user accepted the prompt an attacker‑controlled permission could...