I don’t have too much information – Catalin Cimpanu gave a hint in the following tweet.
It’s actually a @firefoxESR bug
(affecting v 68 and below, therefore current Tor Browser) bug. @noscript has a work-around for it in 11.0.17, likely to be included in the official @torproject
builds in the weekend. But you can update it right now from https://t.co/TiiEXqqc0K
— Giorgio Maone (@ma1) March 14, 2020
A follow-up tweet indicates that it is a problem in Firefox 68esr, which will probably be fixed this weekend. In NoScript there is already a fix against the vulnerability.
Cookies helps to fund this blog: Cookie settings