Another vulnerability has been found in Firefox, and this one makes it possible for a hacker to retrieve the settings and variables used in extensions. The person who discovered the flaw was able to steal a dynamically generated password created by the Fire Encrypter extension.
So how serious is this? Read for yourself:
There is some concern that this could be used to get information such as whitelisted sites on Adblock, or even user details from Gmail Checker. This vulnerability hasn’t thoroughly been tested to see what’s possible and what’s not, but if some information could successfully be retrieved I’m sure other hackers could find ways to exploit this even further.
The person who discovered the vulnerability recommends that you install the NoScript extension, or use Opera because "this could lead to further more clever attacks." Staying safe online continues to get harder and harder.
Source: The Register