Mozilla » Thunderbird » 2.0.0.6 : Security Vulnerabilities, CVEs, Published In 2008 (Bypass)
The nsXMLHttpRequest::NotifyEventListeners method in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to bypass the same-origin policy and execute arbitrary script via multiple listeners, which bypass the inner window check.
Max CVSS
7.5
EPSS Score
0.66%
Published
2008-11-13
Updated
2018-11-02
1 vulnerabilities found