PT-2021-23860 · Mozilla+2 · Firefox+2

Ademar Nowasky Junior · Published 2021-11-02 · Updated 2023-09-22 · CVE-2021-43532

CVSS v3.1

6.1 Medium

Vector AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

Firefox versions prior to 94

Description

The issue allows a website to potentially steal authentication tokens by tricking a user into copying and pasting an image link that contains the token. This can happen when an image triggers authentication flows and a Content Security Policy stops a redirection chain, resulting in the final image URL containing the authentication token. The estimated number of potentially affected devices is not specified.

Recommendations

For Firefox versions prior to 94, update to version 94 or later to resolve the issue. As a temporary workaround, consider avoiding the use of the 'Copy Image Link' context menu action until the update is applied. Restrict access to sensitive information when copying and pasting links from untrusted websites to minimize the risk of exploitation.

Exploit

Fix

Open Redirect

Weakness Enumeration

Related Identifiers

ALT-PU-2021-3215
ALT-PU-2021-3391
ALT-PU-2022-2458
ALT-PU-2022-2929
ALT-PU-2023-1138
ALT-PU-2023-1139
ALT-PU-2023-4336
ALT-PU-2023-4339
CVE-2021-43532
OESA-2023-1673
OESA-2023-1674

Affected Products

Alt Linux
Astra Linux
Firefox