Comment 4 for bug 1380669

I'd still be curious to see any sort of proof-of-concept walkthrough for how an attacker would leverage this to some nefarious end. I don't question whether it needs prompt fixing, but if it's not directly exploitable then we shouldn't burn additional effort on embargoed security advisory processes.