Suse » Linux Enterprise Server : Security Vulnerabilities, CVEs, Published In 2009 (XSS)
Mozilla Firefox before 3.0.12 does not always use XPCCrossOriginWrapper when required during object construction, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted document, related to a "cross origin wrapper bypass."
Max CVSS
4.3
EPSS Score
0.33%
Published
2009-07-22
Updated
2021-07-29
1 vulnerabilities found