CVE-2008-4066 (retired)

Priority
Description
Mozilla Firefox 2.0.0.14, and other versions before 2.0.0.17, allows remote
attackers to bypass cross-site scripting (XSS) protection mechanisms and
conduct XSS attacks via HTML-escaped low surrogate characters that are
ignored by the HTML parser, as demonstrated by a "jav&#56325ascript"
sequence, aka "HTML escaped low surrogates bug."
Package
Upstream:released (2.0.0.17)
Package
Upstream:released (3.0.3)
Package
Upstream:needs-triage
Package
Priority: Low
Upstream:needs-triage
Package
Upstream:released (1.1.12)
Package
Upstream:released (2.0.0.17)
Package
Upstream:needs-triage
Package
Upstream:released (1.9.0.3)
More Information

Updated: 2019-09-19 15:13:15 UTC (commit d32ebc32606b9517c6fa7d65a15441e2a57a6de5)