Same-origin protections for the PDF viewer can be bypassed, allowing a
malicious site to intercept messages meant for the viewer. This could allow
the site to retrieve PDF files restricted to viewing by an authenticated
user on a third-party website. This vulnerability affects Firefox ESR <
52.8 and Firefox < 60.