Organisations should consider the increased exposure to malware when enabling add-ons as they do not usually run inside a sandbox and will be able to access content from both Internet and intranet sites. A malicious add-on will be able to read, interact with and modify any Internet and intranet content accessed by the user including sites delivered over HTTPS. Firefox add-ons can include code that interacts with the platform. A malicious website that successfully exploits such an add-on can gain full user privilege including access to their data and web content. This interaction will not be visible to the user as plugins are able to get this access and send information to the internet in the background.