The WebChannel.jsm module in Mozilla Firefox prior to 38.0 allows remote malicious users to bypass the Same Origin Policy and obtain sensitive webchannel-response data via a crafted web site containing an IFRAME element referencing a different web site that is intended to read this data.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
opensuse opensuse 13.1 |
||
opensuse opensuse 13.2 |
||
mozilla firefox |