CVE-2009-3017

CVE-2009-3017 concerns Orca Browser 1.2 build 5. The issue is an improper handling of data: URIs and javascript: URIs in HTTP headers (Refresh and Location) and in 302 error documents, enabling cross-site scripting (XSS) via multiple header/URL vectors. The connected documents corroborate user-as...