The vulnerability is found in all current versions of Firefox and Mozilla does not have a patch for the problem yet. The vulnerability would be useful for attackers in a phishing attack, given the ability to spoof the URL in the new tab or window. If a user visits a page hosting this malicious code, a new window or tab can be opened with a faked URL. There is no way of determining if the URL is authentic. This could result in the user disclosing confidential information to the malicious site.
Source: https://threatpost.com/new-flaw-firefox-could-enable-phishing-attacks-072909/73015/