Mozilla Suite And Firefox Global Scope Pollution Cross-Site Scripting Vulnerability

A remote cross-site scripting vulnerability affects Mozilla Suite and Mozilla Firefox because the software fails to properly clear stored parameters.

An attacker may exploit this issue to execute arbitrary script code in the context of a page that is currently being viewed. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

Note that this issue was previously reported in BID 13208 (Mozilla Suite Multiple Code Execution, Cross-Site Scripting, And Policy Bypass Vulnerabilities); it has been assigned its own BID.


 

Privacy Statement
Copyright 2010, SecurityFocus