CVE-2014-1529

2014-04-30T10:49:00
ID CVE-2014-1529
Type cve
Reporter cve@mitre.org
Modified 2017-01-07T02:59:00

Description

The Web Notification API in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to bypass intended source-component restrictions and execute arbitrary JavaScript code in a privileged context via a crafted web page for which Notification.permission is granted.