CVE-2020-15647

Name of the Vulnerable Software and Affected Versions Firefox for Android versions prior to the fixed version

Description A Content Provider in Firefox for Android allowed local files accessible by the browser to be read by a remote webpage, leading to sensitive data disclosure, including cookies for other origins. This issue can be exploited by visiting a malicious website, potentially allowing the theft of cookies.

Recommendations For Firefox for Android versions prior to the fixed version, update to the latest version to resolve the issue. As a temporary workaround, consider restricting access to sensitive websites until the update is applied. Avoid using Firefox for Android to access sensitive information until the issue is resolved.