Endpoint Vulnerability

User-defined properties on DOM proxies get the wrong 'this' object


Mozilla developer Boris Zbarsky reported that user-defined getters on DOM proxies would incorrectly get the expando object as this. It is unlikely that this is directly exploitable but could lead to JavaScript client or add-on code making incorrect security sensitive decisions based on hacker supplied values.

Affected Products

Firefox ESR