Cross-site scripting (XSS) vulnerability in Mozilla Firefox prior to 2.0.0.5 allows remote malicious users to inject arbitrary web script "into another site's context" via a "timing issue" involving the (1) addEventListener or (2) setTimeout function, probably by setting events that activate after the context has changed.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox 2.0.0.3 |
||
mozilla firefox 2.0.0.4 |
||
mozilla firefox 2.0.0.1 |
||
mozilla firefox 2.0.0.2 |
||
mozilla firefox 2.0 |