firefox is vulnerable to phishing attacks. The vulnerability exists as it was possible to have an attacker-induced prompt for extension installation.
access.redhat.com/errata/RHSA-2020:3558
access.redhat.com/security/updates/classification/#important
bugzilla.mozilla.org/show_bug.cgi?id=1658214
www.mozilla.org/security/advisories/mfsa2020-36/
www.mozilla.org/security/advisories/mfsa2020-37/
www.mozilla.org/security/advisories/mfsa2020-38/
www.mozilla.org/security/advisories/mfsa2020-39/
www.mozilla.org/security/advisories/mfsa2020-40/
www.mozilla.org/security/advisories/mfsa2020-41/