Lucene search
Mozilla FoundationMFSA2010-62HistorySep 07, 2010 - 12:00 a.m.
Copy-and-paste or drag-and-drop into designMode document allows XSS — Mozilla
2010-09-0700:00:00
Mozilla Foundation
www.mozilla.org
21
0.002 Low
EPSS
Percentile
60.7%
Security researcher Paul Stone reported that when an HTML selection containing JavaScript is copy-and-pasted or dropped onto a document with designMode enabled the JavaScript will be executed within the context of the site where the code was dropped. A malicious site could leverage this issue in an XSS attack by persuading a user into taking such an action and in the process running malicious JavaScript within the context of another site.
| CPE | Name | Operator | Version |
|---|---|---|---|
| firefox | lt | 3.5.12 | |
| firefox | lt | 3.6.9 | |
| seamonkey | lt | 2.0.7 | |
| thunderbird | lt | 3.0.7 | |
| thunderbird | lt | 3.1.3 |
Related
veracode
veracode
Cross-Site Scripting (XSS)
2020-04-10 00:48:14
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2010-62
2010-09-10 00:00:00
Mozilla Firefox / Thunderbird / SeaMonkey multiple security vulnerabilities
2010-09-16 00:00:00
cvelist
cvelist
CVE-2010-2769
2010-09-09 18:00:00
cve
cve
CVE-2010-2769
2010-09-09 19:00:00
ubuntucve
ubuntucve
CVE-2010-2769
2010-09-07 00:00:00
prion
prion
Cross site scripting
2010-09-09 19:00:00
debian
debian
[SECURITY] [DSA 2124-1] New Xulrunner packages fix several vulnerabilities
2010-11-01 20:38:47
[SECURITY] [DSA-2106-2] New xulrunner packages fix regression
2010-09-19 19:35:13
[SECURITY] [DSA 2106-1] New xulrunner packages fix several vulnerabilities
2010-09-08 17:50:57
openvas
openvas
Debian Security Advisory DSA 2124-1 (xulrunner)
2010-11-17 00:00:00
Debian: Security Advisory (DSA-2124-1)
2010-11-17 00:00:00
Debian Security Advisory DSA 2106-1 (xulrunner)
2010-10-10 00:00:00
osv
osv
xulrunner - several vulnerabilities
2010-09-08 00:00:00
xulrunner - several vulnerabilities
2010-11-01 00:00:00
nessus
nessus
Debian DSA-2106-1 : xulrunner - several vulnerabilities
2010-09-09 00:00:00
Debian DSA-2124-1 : xulrunner - several vulnerabilities
2010-11-03 00:00:00
Scientific Linux Security Update : firefox on SL4.x, SL5.x i386/x86_64
2012-08-01 00:00:00
fedora
fedora
[SECURITY] Fedora 12 Update: xulrunner-1.9.1.12-1.fc12
2010-09-09 01:23:44
[SECURITY] Fedora 12 Update: gnome-python2-extras-2.25.3-20.fc12
2010-09-09 01:23:44
[SECURITY] Fedora 12 Update: gnome-web-photo-0.9-9.fc12
2010-09-09 01:23:44
ubuntu
ubuntu
Firefox and Xulrunner vulnerabilities
2010-09-08 00:00:00
Firefox and Xulrunner regression
2010-09-16 00:00:00
Thunderbird vulnerabilities
2010-09-08 00:00:00
redhat
redhat
(RHSA-2010:0681) Critical: firefox security update
2010-09-07 00:00:00
oraclelinux
oraclelinux
firefox security update
2010-09-08 00:00:00
centos
centos
firefox, nspr, nss, xulrunner security update
2010-09-08 22:50:48
freebsd
freebsd
mozilla -- multiple vulnerabilities
2010-09-07 00:00:00
suse
suse
remote code execution in MozillaFirefox,MozillaThunderbird,seamonkey
2010-10-12 16:13:47
remote code execution in MozillaFirefox,seamonkey,MozillaThunderbird
2010-11-08 11:27:17
Firefox update to 31.1esr (important)
2014-09-09 18:04:16
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00