• info
• discussion
• exploit
• solution
• references

Mozilla Firefox Sage Extension RSS Feeds Cross Domain Scripting Vulnerability

An attacker must entice a user to subscribe to a malicious feed with the affected extension.