Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey allows remote attackers to inject arbitrary web script or HTML via vectors involving XBL JavaScript bindings and remote stylesheets, as exploited in the wild by a March 2009 eBay listing.
References
Configurations
Configuration 1 (hide)
|
History
13 Feb 2023, 02:20
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey allows remote attackers to inject arbitrary web script or HTML via vectors involving XBL JavaScript bindings and remote stylesheets, as exploited in the wild by a March 2009 eBay listing. |
02 Feb 2023, 17:16
Type | Values Removed | Values Added |
---|---|---|
Summary | CVE-2009-1308 Firefox XSS hazard using third-party stylesheets and XBL bindings | |
References |
|
Information
Published : 2009-04-22 18:30
Updated : 2023-12-10 10:51
NVD link : CVE-2009-1308
Mitre link : CVE-2009-1308
CVE.ORG link : CVE-2009-1308
JSON object : View
Products Affected
mozilla
- thunderbird
- firefox
- seamonkey
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')