CVE-2015-0819

2015-02-25T11:59:00
ID CVE-2015-0819
Type cve
Reporter cve@mitre.org
Modified 2018-10-30T16:27:00

Description

The UITour::onPageEvent function in Mozilla Firefox before 36.0 does not ensure that an API call originates from a foreground tab, which allows remote attackers to conduct spoofing and clickjacking attacks by leveraging access to a UI Tour web site.