According to pdp, this issue makes applications that allow users to upload compressed ZIP and JAR files vulnerable to cross-site scripting. After a couple of minutes messing around with the PoCs, I figured out that sites with open redirect issues are vulnerable too. I’ve created this PoC that attacks Gmail; it’s based on my previous post and it will only show your contacts list. It’s not being logged server side or anything, as some people thought that my previous PoC did.
Firefox 188.8.131.52 (now testing) is supposed to include a patch to secure the JAR vulnerability, which Mozilla has known about for months. In the meantime, NoScript offers anti-XSS protection by preventing JAR resources from being loaded as documents.