Mozilla Firefox prior to 24.0 on Android allows malicious users to bypass the Same Origin Policy, and consequently conduct cross-site scripting (XSS) attacks or obtain password or cookie information, by using a symlink in conjunction with a file: URL for a local file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox 19.0 |
||
mozilla firefox 22.0 |
||
mozilla firefox 20.0 |
||
mozilla firefox |
||
mozilla firefox 19.0.2 |
||
mozilla firefox 19.0.1 |
||
mozilla firefox 23.0 |
||
mozilla firefox 21.0 |
||
mozilla firefox 20.0.1 |