Mozilla Foundation Security Advisory 2020-27
Security Vulnerabilities fixed in Firefox for Android 68.10.1
- Announced
- July 6, 2020
- Impact
- critical
- Products
- Firefox
- Fixed in
-
- Firefox 68.10.1
#CVE-2020-15647: Arbitrary local file access in Firefox for Android
- Reporter
- Pedro Oliveira
- Impact
- critical
Description
A Content Provider in Firefox for Android allowed local files accessible by the browser to be read by a remote webpage, leading to sensitive data disclosure, including cookies for other origins.