In this email, the author brings attention to a security issue with Firefox running on X11. They explain that any script from any webpage can exploit the browser’s ability to write to the primary selection, which can then be used to run arbitrary code on the user’s machine. Surprisingly, no user interaction is required for this exploit to occur. The author provides an example of the exploit and suggests a workaround by disabling certain functions through an add-on. They also mention that this issue affects all versions of Firefox and its derivatives. The email highlights the potential risk and calls for increased visibility of the issue.
https://www.openwall.com/lists/oss-security/2023/10/17/1