Mozilla · Firefox · CVE-2017-7843
**Name of the Vulnerable Software and Affected Versions**
Firefox ESR versions prior to 52.5.2
Firefox versions prior to 57.0.1
**Description**
The issue allows a web worker to write persistent data to IndexedDB when Private Browsing mode is used, enabling user fingerprinting. IndexedDB should be unavailable in Private Browsing mode, but the stored data persists across multiple private browsing sessions because it is not cleared upon exit.
**Recommendations**
For Firefox ESR versions prior to 52.5.2, update to version 52.5.2 or later.
For Firefox versions prior to 57.0.1, update to version 57.0.1 or later.