The Infinite Brief

Despite its simplicity, Mozilla felt that this vulnerability was only a moderate threat since the hacker must already have access to the device before they can exploit it.

The exploit was performed by accessing “Options -> Privacy and Security,” opening the “Registered Credentials …” panel, right-clicking on one of the entries and choosing “Copy password.”