CVE-2007-0780 in Firefoxinformazioni

Riassunto

di MITRE

browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 uses the requesting URI to identify child windows, which allows remote attackers to conduct cross-site scripting (XSS) attacks by opening a blocked popup originating from a javascript: URI in combination with multiple frames having the same data: URI.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Prenotare

06/02/2007

Divulgazione

26/02/2007

Moderazione

accettato

Voce

VDB-35232

CPE

pronto

CWE

CWE-80 (confermato)

CVSS

6.8 (NVD)

EPSS

0.02494

KEV

Attività

molto basso

Settore

Police, Hostingprovider, ...

Fonti

MITRE	https://www.cve.org/CVERecord?id=CVE-2007-0780
NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-0780
CVE Details	https://www.cvedetails.com/cve/CVE-2007-0780/

◂ Precedente Visione D'ensemble Il prossimo ▸

Do you need the next level of professionalism?

Upgrade your account now!