0.021 Low
EPSS
Percentile
89.3%
Mozilla security researcher moz_bug_r_a4 reported that the same-origin check in nsXMLDocument::OnChannelRedirect() could be bypassed. This vulnerability could be used to execute JavaScript in the context of a different website.
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3835
bugzilla.mozilla.org/show_bug.cgi?id=439034