Ilya Grigorik

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 43.0 **Description** The issue is related to improper access restriction to the IFRAME Resource Timing API in the browser. This can be exploited by a remote attacker to bypass the existing access policy or obtain confidential information using specially crafted JavaScript code. The exploitation involves using `history.back` and `performance.getEntries` calls. **Recommendations** For versions prior to 43.0, update to version 43.0 or later to resolve the issue. As a temporary workaround, consider restricting the use of the IFRAME Resource Timing API until a patch is available. Avoid using the `performance.getEntries` function in conjunction with `history.back` calls in affected API endpoints until the issue is resolved.