If WebRTC permission is requested from documents with data: or blob: URLs, the permission notifications do not properly display the originating domain. The notification states "Unknown origin" as the requestee, leading to user confusion about which site is asking for this permission. This vulnerability affects Firefox < 66.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Mozilla

Firefox

Affected Versions:

unspecified

References

https://www.mozilla.org/security/advisories/mfsa2019-07/

https://bugzilla.mozilla.org/show_bug.cgi?id=1434634

Published: 2019-04-26T16:10:38

Last Modified: 2024-08-04T22:01:54.667Z

Copied to clipboard!