CVE 2018-5136
A shared worker created from a "data:" URL in one tab can be shared by another tab with a different origin, bypassing the same-origin policy. This vulnerability affects Firefox < 59.
See the
CVE page on Mitre.org
for more details.