firefox is vulnerable to sandbox restriction bypass. During the use of noopener links, it bypasses an iframe sandbox element with the allow-popups flag.
lists.opensuse.org/opensuse-security-announce/2020-08/msg00025.html
bugzilla.mozilla.org/show_bug.cgi?id=1521542
usn.ubuntu.com/4443-1/
www.mozilla.org/en-US/security/advisories/mfsa2020-33/
www.mozilla.org/security/advisories/mfsa2020-30/
www.mozilla.org/security/advisories/mfsa2020-32/
www.mozilla.org/security/advisories/mfsa2020-33/