Mozilla OnUnload Referer Information Leakage Vulnerability

A problem in Mozilla's implementation of the JavaScript "onUnload" event handler has the potential to leak sensitive information to websites.

When other pages are launched using the event handler, the vulnerable client encapsulates the address of the next page that is visited in the HTTP Referer field. The correct behavior is to include the address of the previously visited page in the HTTP Referer field.

Using this handler, a webpage can cause the browser to leak information about the next page that was visited.


 

Privacy Statement
Copyright 2010, SecurityFocus