CVE-2018-12402

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 63

Description The issue is related to the WebBrowserPersist component in Firefox, specifically with errors when executing the "Save Page As..." function. This can allow a remote attacker to gain unauthorized access to protected information. The internal WebBrowserPersist code does not use the correct origin context for a resource being saved, which manifests when sub-resources are loaded as part of the "Save Page As..." functionality. For example, a malicious page could recover a visitor's Windows username and NTLM hash by including resources otherwise unreachable to the malicious page. Similarly, SameSite cookies are sent on cross-origin requests when the "Save Page As..." menu item is selected to save a page.

Recommendations For versions prior to 63, update to version 63 or later to resolve the issue. As a temporary workaround, consider avoiding the use of the "Save Page As..." functionality until a patch is available. Restrict access to sensitive information when using the "Save Page As..." feature to minimize the risk of exploitation.