Comment 3 for bug 2037876

Since this report concerns a possible security risk, an incomplete
security advisory task has been added while the core security
reviewers for the affected project or projects confirm the bug and
discuss the scope of any vulnerability along with potential
solutions.

Can someone explain what the suspected security vulnerability is in this report? Ideally include an exploit scenario describing how a malicious actor would use it to their advantage, and any mitigating factors they'd need to overcome in order to do so. Thanks!