Mozilla Firefox ESR CVE-2013-1697 Weak Authentication Vulnerability
Description
Mozilla security researcher moz_bug_r_a4 reported that XrayWrappers can be bypassed to call content-defined toString and valueOf methods through DefaultValue. This can lead to unexpected behavior when privileged code acts on the incorrect values.
Affected Applications
Firefox ESR