Cross-zone scripting vulnerability in the Wizz RSS Reader before 2.1.9 extension to Mozilla Firefox allows remote attackers to execute arbitrary Javascript in the browser chrome via the RSS feed DOM.
References
Configurations
History
21 Nov 2024, 00:29
Type | Values Removed | Values Added |
---|---|---|
References | () http://osvdb.org/34534 - | |
References | () http://secunia.com/advisories/24913 - | |
References | () http://wizzrss.blat.co.za/2009/11/17/so-much-for-nsiscriptableunescapehtmlparsefragment/ - | |
References | () http://www.kb.cert.org/vuls/id/319464 - Patch, US Government Resource | |
References | () http://www.kb.cert.org/vuls/id/MIMG-6ZKP4T - | |
References | () http://www.securityfocus.com/bid/23523 - | |
References | () http://www.vupen.com/english/advisories/2007/1425 - | |
References | () https://addons.mozilla.org/en-US/firefox/addon/424 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/33693 - |
Information
Published : 2007-04-18 03:19
Updated : 2024-11-21 00:29
NVD link : CVE-2007-2060
Mitre link : CVE-2007-2060
CVE.ORG link : CVE-2007-2060
JSON object : View
Products Affected
wizz_computers
- wizz_rss_reader
CWE