CVE Published: 07/01/2021 |
CVE Updated: 04/08/2024 |
CVE Year: 2020 Source: mozilla |
Vendor: Mozilla |
Product: Firefox Status : PUBLISHED
CVE-2020-35111 Description
When an extension with the proxy permission registered to receive , the proxy.onRequest callback was not triggered for view-source URLs. While web content cannot navigate to such URLs, a user opening View Source could have inadvertently leaked their IP address. This vulnerability affects Firefox < 84, Thunderbird < 78.6, and Firefox ESR < 78.6.