firefox has weak encryptions. The vulnerability exists in the password manager component which uses encryption to save files on-disk. Instead, the username was saved by the Form Manager to an unencrypted file on disk which allows an attacker to bypass authentication.