CVE-2018-12358

Summary

Service workers can use redirection to avoid the tainting of cross-origin resources in some instances, allowing a malicious site to read responses which are supposed to be opaque. This vulnerability affects Firefox < 61.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefoxunspecified < 61affected

Weaknesses

  • Same-origin bypass using service worker and redirection

ADP Enrichment

CVE Program Container

Additional References

References