CVE-2020-6809

  • Published Date: Wed 25 Mar 2020
  • Last Modified Date: Mon 30 Mar 2020

When a Web Extension had the all-urls permission and made a fetch request with a mode set to 'same-origin', it was possible for the Web Extension to read local files. This vulnerability affects Firefox < 74.