Cross-site scripting (XSS) vulnerability in clickstream.js in Y! Toolbar plugin for FireFox 3.1.0.20130813024103 for Mac, and 2.5.9.2013418100420 for Windows, allows remote malicious users to inject arbitrary web script or HTML via a crafted URL that is stored by the victim.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
yahoo toolbar 3.1.0.20130813024103 |
||
yahoo toolbar 2.5.9.2013418100420 |