Trishita Tiwari

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 68 **Description** The HTTP Alternative Services header, Alt-Svc, can be used by a malicious site to scan all TCP ports of any host that is accessible to a user when web content is loaded. This issue is related to insufficient input validation, which may allow a remote attacker to access confidential data. **Recommendations** For Firefox versions prior to 68, update to version 68 or later to resolve the issue. As a temporary workaround, consider disabling the use of the Alt-Svc header until a patch is available. Restrict access to sensitive data and networks to minimize the risk of exploitation.