Documents were incorrectly assuming an ordering of principal objects when ensuring we were loading an appropriately privileged principal. In certain circumstances it might have been possible to cause a document to be loaded with a higher privileged principal than intended. This vulnerability affects Firefox < 113.
[
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "113",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]