FreeBSD : firefox -- Cross-origin restriction bypass using Fetch (79c68ef7-c8ae-4ade-91b4-4b8221b7c72a)
Medium Nessus Plugin ID 86432
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionFirefox Developers report :
Security researcher Abdulrahman Alqabandi reported that the fetch() API did not correctly implement the Cross-Origin Resource Sharing (CORS) specification, allowing a malicious page to access private data from other origins. Mozilla developer Ben Kelly independently reported the same issue.
SolutionUpdate the affected packages.