A previously installed malicious Android application which defines a specific signature-level permissions used by Firefox can access API keys meant for Firefox only. Note: This issue only affects Firefox for Android. Other versions and operating systems are unaffected. This vulnerability affects Firefox < 50.
CWE-275 - Permission Issues
Weaknesses in this category are related to improper assignment or handling of permissions.