Mozilla Developer Rob Wu discovered that a redirected HTTP request which is observed or modified through a web extension could bypass existing CORS checks, leading to potential disclosure of cross-origin information.
Name: the Mozilla project
Upstream: Rob Wu
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):