Mozilla Thunderbird CVE-2015-7197 Weak Authentication Vulnerability
Description
Mozilla developer Ehsan Akhgari reported a mechanism through which a web worker could be used to bypass secure requirements for WebSockets when workers are used to create WebSockets. This allows for the bypassing of mixed content WebSocket policy.
Affected Applications
Thunderbird