Описание
Firefox before 1.0 does not properly distinguish between user-generated and synthetic click events, which allows remote attackers to use Javascript to bypass the file download prompt when the user uses the Alt-click feature.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | not-affected | |
| devel | not-affected | |
| edgy | not-affected | |
| feisty | not-affected | |
| upstream | needs-triage |
Показывать по
EPSS
2.6 Low
CVSS2
Связанные уязвимости
Firefox before 1.0 does not properly distinguish between user-generated and synthetic click events, which allows remote attackers to use Javascript to bypass the file download prompt when the user uses the Alt-click feature.
Firefox before 1.0 does not properly distinguish between user-generate ...
Firefox before 1.0 does not properly distinguish between user-generated and synthetic click events, which allows remote attackers to use Javascript to bypass the file download prompt when the user uses the Alt-click feature.
EPSS
2.6 Low
CVSS2