Endpoint Vulnerability

Use-after-free in XMLHttpRequest with shared workers

Description

Security researcher Looben Yang discovered a use-after-free vulnerability when recursively calling .open() on an XMLHttpRequest in a SharedWorker.

Affected Products

Firefox,Firefox ESR

References

CVE-2015-4492,