Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 220.127.116.11
allows remote attackers to inject arbitrary web script "into another site's
context" via a "timing issue" involving the (1) addEventListener or (2)
setTimeout function, probably by setting events that activate after the
context has changed.
Updated: 2015-10-17 03:28:09 UTC (commit 10086)