CVE-2020-6809

Publication date

2020-03-25 21:13:17

Family

mozilla

State

PUBLISHED

Description

When a Web Extension had the all-urls permission and made a fetch request with a mode set to same-origin, it was possible for the Web Extension to read local files. This vulnerability affects Firefox < 74.