CVE-2009-2472
Affected software: Mozilla Firefox before 3.0.12 (as per CVE-2009-2472). Issue: during object construction, Firefox did not always use XPCCrossOriginWrapper, allowing bypass of the Same Origin Policy and enabling cross-site scripting (XSS) via a crafted document. Impact: potential XSS vulnerabili...