Mozilla Firefox prior to 36.0.4, Firefox ESR 31.x prior to 31.5.3, and SeaMonkey prior to 2.33.1 allow remote malicious users to bypass the Same Origin Policy and execute arbitrary JavaScript code with chrome privileges via vectors involving SVG hash navigation.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox esr 31.5.1 |
||
mozilla firefox esr 31.5.2 |
||
mozilla firefox esr 31.1 |
||
mozilla firefox |
||
mozilla firefox esr 31.5 |
||
mozilla firefox esr 31.1.1 |
||
mozilla firefox esr 31.1.0 |
||
mozilla firefox esr 31.4 |
||
mozilla firefox esr 31.3.0 |
||
mozilla firefox esr 31.0 |
||
mozilla seamonkey |
||
mozilla firefox esr 31.3 |
||
mozilla firefox esr 31.2 |