CVE-2018-5136

Summary

A shared worker created from a "data:" URL in one tab can be shared by another tab with a different origin, bypassing the same-origin policy. This vulnerability affects Firefox < 59.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefoxunspecified < 59affected

Weaknesses

  • Same-origin policy violation with data: URL shared workers

ADP Enrichment

CVE Program Container

Additional References

References