Cross-Origin Information Leakage in Firefox Developer Tools

Cross-Origin Information Leakage in Firefox Developer Tools

CVE-2018-5106 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Style editor traffic in the Developer Tools can be routed through a service worker hosted on a third party website if a user selects error links when these tools are open. This can allow style editor information used within Developer Tools to leak cross-origin. This vulnerability affects Firefox < 58.

Learn more about our Web App Pen Testing.