Cross-site scripting (XSS) vulnerability in the (1) Sage prior to 1.3.10, and (2) Sage++ extensions for Firefox, allows remote malicious users to inject arbitrary web script or HTML via a "<SCRIPT/=''SRC='" sequence in an RSS feed, a different vulnerability than CVE-2006-4712.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox |
||
sage sage 1.3.6 |
||
sage sage |
||
sage sage 1.0_beta_3 |