Short bio: Computer Scientist, FOSS supporter (read more)
Tux Machines (TM)-specific
Security researcher/hacker, Michal Zalewski has released a report on a security vulnerability affecting Firefox 126.96.36.199 and possibly earlier versions. The vulnerability could allow a malicious web site to impersonate an authentic one and set a cookie on its behalf.
This could be used to perform cross-window and cross-frame attacks compromising personal information exchanged via Ajax. Zalewski has released a test case that demonstrate the vulnerability.
It has already been filed to Bugzilla for its resolution. In the meantime, Zalewski recommends this workaround: