Cross-Origin Redirect Leakage in JavaScript Errors in Web Workers

Cross-Origin Redirect Leakage in JavaScript Errors in Web Workers

CVE-2020-15652 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. This applied only to content that can be parsed as script. This vulnerability affects Firefox < 79, Firefox ESR < 68.11, Firefox ESR < 78.1, Thunderbird < 68.11, and Thunderbird < 78.1.

Learn more about our Web App Pen Testing.