The zero-day vulnerability received a CVE-2019-11707 identifier, and the bug was assigned a critical or highest threat level by the Firefox,
Critical Impact — Vulnerability can be used to run attacker code and install software, requiring no user interaction beyond normal browsing.
Firefox Vulnerabilities Types Description
In fact, the attackers could force users to visit malicious websites and thus be able to execute arbitrary code on the devices of their victims. The scammers who used the bug could install programs, view, change or delete data, as well as create new accounts.
— Samuel Groß (@5aelo) June 19, 2019
Users are urged to upgrade as soon as possible to the new version of Firefox 67.0.3 and Firefox ESR 60.7.1, in which the vulnerability is fixed.