Security Advisory

CVE-2020-12424

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-07-09 13:55:56

Last updated 2024-08-04 11:56:51

Assigner mozilla

State PUBLISHED

Description

When constructing a permission prompt for WebRTC, a URI was supplied from the content process. This URI was untrusted, and could have been the URI of an origin that was previously granted permission; bypassing the prompt. This vulnerability affects Firefox < 78.

← Browse all CVEs View on cve.org ↗