Mozilla · Firefox · CVE-2015-2718
**Name of the Vulnerable Software and Affected Versions**
Mozilla Firefox versions prior to 38.0
**Description**
The issue allows remote attackers to bypass the Same Origin Policy and obtain sensitive webchannel-response data. This can be achieved via a crafted web site containing an IFRAME element referencing a different web site that is intended to read this data.
**Recommendations**
For versions prior to 38.0, update to version 38.0 or later to resolve the issue.