Endpoint Vulnerability

Cross-origin information leak through web workers error events

Description

Security researcher Masato Kinugawa reported a cross-origin information leak through the error events in web workers. This violates same-origin policy and the leaked information could potentially be used by a malicious party to gather authentication tokens and other data from third-party websites.

Affected Products

Firefox

References

CVE-2015-7215,