Firefox 1.0 does not invoke the Javascript Security Manager when a user drags a javascript: or data: URL to a tab, which allows remote malicious users to bypass the security model, aka "firetabbing."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox 1.0 |