CVE-2015-7187 (retired)

Priority
Description
The Add-on SDK in Mozilla Firefox before 42.0 misinterprets a "script:
false" panel setting, which makes it easier for remote attackers to conduct
cross-site scripting (XSS) attacks via inline JavaScript code that is
executed within a third-party extension.
Assigned-to
chrisccoulson
Package
Upstream:released (42.0)
Ubuntu 16.04 LTS (Xenial Xerus):released (42.0+build2-0ubuntu1)
More Information

Updated: 2019-08-23 09:07:40 UTC (commit 436fd4ed4cf0038ddd382cb8649607ace163dda7)