CVE-2018-5109

Name of the Vulnerable Software and Affected Versions: Mozilla Firefox versions prior to 58

Description: The issue is related to a flaw in the source confirmation mechanism, potentially allowing a remote attacker to gain unauthorized access to protected information. An audio capture session can be started under an incorrect origin, leading to user confusion about which site is making the request to capture an audio stream. Users are still prompted to allow the request, but the prompt may display the wrong origin.

Recommendations: For versions prior to 58, update to version 58 or later to resolve the issue. As a temporary workaround, consider restricting access to audio capture sessions to minimize the risk of exploitation. Avoid allowing audio capture requests from untrusted sites until the issue is resolved.