Firefox behaved slightly differently for already known resources when loading CSS resources involving CSS variables. This could have been used to probe the browser history. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100.
https://bugzilla.mozilla.org/show_bug.cgi?id=1760674
https://www.mozilla.org/security/advisories/mfsa2022-17/