CVE-2007-0780

Priority
Description
browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2,
and SeaMonkey before 1.0.8 uses the requesting URI to identify child
windows, which allows remote attackers to conduct cross-site scripting
(XSS) attacks by opening a blocked popup originating from a javascript: URI
in combination with multiple frames having the same data: URI.
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Upstream:needs-triage
More Information

Updated: 2019-03-19 11:41:22 UTC (commit 15472795df7e9de45b82f2d36b8b419b939f97b2)