When Firefox is configured to block storage of all...
Moderate severity
Unreviewed
Published
Jul 5, 2023
to the GitHub Advisory Database
•
Updated Jan 16, 2024
Description
Published by the National Vulnerability Database
Jul 5, 2023
Published to the GitHub Advisory Database
Jul 5, 2023
Last updated
Jan 16, 2024
When Firefox is configured to block storage of all cookies, it was still possible to store data in localstorage by using an iframe with a source of 'about:blank'. This could have led to malicious websites storing tracking data without permission. This vulnerability affects Firefox < 115.
References