CVE-2023-23602

A mishandled security check when creating a WebSocket in a WebWorker caused
the Content Security Policy connect-src header to be ignored. This could
lead to connections to restricted origins from inside WebWorkers. This
vulnerability affects Firefox ) | mozjs contains a copy of the SpiderMonkey JavaScript engine
[mdeslaur]() | starting with Ubuntu 22.04, the firefox package is just a script that installs the Firefox snapRead More