XrayWrapper Property Filtering Bypass Vulnerability

XrayWrapper Property Filtering Bypass Vulnerability

CVE-2014-8632 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:N

The structured-clone implementation in Mozilla Firefox before 34.0 and SeaMonkey before 2.31 does not properly interact with XrayWrapper property filtering, which allows remote attackers to bypass intended DOM object restrictions by leveraging property availability after XrayWrapper removal.

Learn more about our Cis Benchmark Audit For Mozilla Firefox.