Contributor

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 43.0 **Description** The issue is related to the importScripts function in the Web Workers API implementation, which lacks protection of internal data. This can be exploited by a remote attacker to bypass the existing access restriction policy, leading to information disclosure. The exploitation involves triggering the use of the no-cors mode in the fetch API to attempt resource access that throws an exception. **Recommendations** For versions prior to 43.0, update to version 43.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the importScripts function until a patch is available. Avoid using the no-cors mode in the fetch API for sensitive resource access until the issue is resolved.