virus logo Endpoint Vulnerability

Mozilla Firefox CVE-2014-8638 Cross Site Request Forgery Vulnerability

description-logoDescription

sendBeacon() requests lack Origin header, violating CORS and W3C Beacon specs, enabling potential XSRF attacks in Firefox, Firefox ESR, Firefox OS, SeaMonkey, and Thunderbird.

affected-products-logoAffected Applications

Firefox

Version Updates

Date Version Status Detail
2026-02-21 2.00700
New
 Firefox
2020-02-21 2.00048
New
 Firefox
2019-09-18 1.00043
Modified
 Firefox

References

https://www.mozilla.org/en-US/security/advisories/mfsa2015-03
ID 39395
Created Jan 17, 2020
Description
Updated		 Mar 07, 2026
CVE ID
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Linux
Vendor Mozilla
Patch manual
Application Firefox