Clipboard data might be leaking
Some preliminary testing in #10285 (closed) comment 1 showed that websites might listen at least to the paste event and obtain user sensitive data this way. A quick workaround is setting "dom.event.clipboardevents.enabled" to "false".