firefox is vulnerable to sandbox bypass. Until explicitly accessed by script, window.global.This is not enumerable and, as a result, is not visible to code such as Object.getOwnPropertyNames (window). Sites that deploy a sandboxing that depends on enumerating and freezing access to the window object may miss this, allowing their sandboxes to be bypassed.
CPE | Name | Operator | Version |
---|---|---|---|
firefox:bionic | eq | 59.0.2+build1 | |
firefox:xenial | eq | 45.0.2+build1 | |
firefox:bionic | eq | 59.0.2+build1 | |
firefox:xenial | eq | 45.0.2+build1 |