Security researcher Prateek Saxena reported that a
malicious MozSearch plugin could be created using a javascript: URI in
the SearchForm
value. This URI is used as the default
landing page when an empty search is performed. If an attacker could
get a user to install the malicious plugin and perform an empty
search, the SearchForm
javascript: URI would be executed
within the context of the currently open page.