JavaScript Map/Set Timing Attack Vulnerability
CVE-2016-9904 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
An attacker could use a JavaScript Map/Set timing attack to determine whether an atom is used by another compartment/zone in specific contexts. This could be used to leak information, such as usernames embedded in JavaScript code, across websites. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.
Learn more about our Web App Pen Testing.