Описание
Cross-zone scripting vulnerability in the Wizz RSS Reader before 2.1.9 extension to Mozilla Firefox allows remote attackers to execute arbitrary Javascript in the browser chrome via the RSS feed DOM.
Cross-zone scripting vulnerability in the Wizz RSS Reader before 2.1.9 extension to Mozilla Firefox allows remote attackers to execute arbitrary Javascript in the browser chrome via the RSS feed DOM.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2007-2060
- https://addons.mozilla.org/en-US/firefox/addon/424
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33693
- http://osvdb.org/34534
- http://secunia.com/advisories/24913
- http://wizzrss.blat.co.za/2009/11/17/so-much-for-nsiscriptableunescapehtmlparsefragment
- http://www.kb.cert.org/vuls/id/319464
- http://www.kb.cert.org/vuls/id/MIMG-6ZKP4T
- http://www.securityfocus.com/bid/23523
- http://www.vupen.com/english/advisories/2007/1425
EPSS
Процентиль: 88%
0.03629
Низкий
CVE ID
Связанные уязвимости
nvd
почти 19 лет назад
Cross-zone scripting vulnerability in the Wizz RSS Reader before 2.1.9 extension to Mozilla Firefox allows remote attackers to execute arbitrary Javascript in the browser chrome via the RSS feed DOM.
EPSS
Процентиль: 88%
0.03629
Низкий