A [critical vulnerability](https://www.mozilla.org/en-US/security/advisories/mfsa2020-49/)was discovered in the JavaScript engine of *Firefox* and *Tor Browser*.
Until Tails 4.13 (November 17), we recommend all users to set the [[security level of *Tor Browser*|doc/anonymous_internet/Tor_Browser#security-level]] to *Safer* or *Safest*.
This vulnerability was discovered during the [Tianfu Cup 2020 International Cybersecurity Contest](http://www.tianfucup.com/). The details of the vulnerability were not disclosed.
The *Safer* or *Safest* security level of *Tor Browser* are not affected because the feature of JavaScript that is affected, the *[[!wikipedia just-in-time compilation]]*, is disabled at these security levels.
The details of the vulnerability were not disclosed, making it harder to exploit, and we are not aware of any use of this vulnerability against actual users.