Service Workers Vulnerability: Private Browsing Mode Detection Failure in Firefox < 107

Service Workers Vulnerability: Private Browsing Mode Detection Failure in Firefox < 107

CVE-2022-45417 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Service Workers did not detect Private Browsing Mode correctly in all cases, which could have led to Service Workers being written to disk for websites visited in Private Browsing Mode. This would not have persisted them in a state where they would run again, but it would have leaked Private Browsing Mode details to disk. This vulnerability affects Firefox < 107.

Learn more about our Web App Pen Testing.