Arturo Mejia

**Name of the Vulnerable Software and Affected Versions** Firefox for Android versions prior to 90 **Description** The issue is related to insufficient access control in Firefox for Android, allowing any webpage running on the same host to be granted permissions previously saved by a user, regardless of the scheme or port. This could potentially allow a remote attacker to elevate their privileges. The vulnerability only affects Firefox for Android, with other operating systems being unaffected. **Recommendations** For Firefox for Android versions prior to 90, update to version 90 or later to resolve the issue. As a temporary workaround, consider restricting the saving of permission grants to webpages to minimize the risk of exploitation.