EPSS
Percentile
50.4%
firefox is vulnerable to authorization bypass. When %2F is present in a manifest URL, the AppCache behavior allows a manifest to be served from a subdirectory and be used to service requests for the top level directory.
%2F
lists.opensuse.org/opensuse-security-announce/2020-07/msg00027.html
lists.opensuse.org/opensuse-security-announce/2020-07/msg00049.html
bugzilla.mozilla.org/show_bug.cgi?id=1586630
security.gentoo.org/glsa/202007-10
www.mozilla.org/security/advisories/mfsa2020-24/