Description
Mozilla: libusrsctp library out of date.
Mozilla: Arbitrary file read from GTK drag and drop on Linux.
Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7.
Mozilla: Malicious command could be hidden in devtools output.
Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation.
Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers.
Mozilla: Fullscreen notification bypass.
Mozilla: Calls to 'console.log' allowed bypasing Content Security Policy via format directive.