Mozilla Firefox prior to 34.0 and SeaMonkey prior to 2.31 provide stylesheets with an incorrect primary namespace, which allows remote malicious users to bypass intended access restrictions via an XBL binding.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox |
||
mozilla seamonkey |