CVE-2005-1091
Maxthon 1.2.0 and 1.2.1 expose a vulnerability where remote attackers can bypass a security ID and call restricted plugin API functions by crafting a page that includes max.src. The NVD entry CVE-2005-1091 documents this as a cross-page script inclusion issue allowing limited privileges to be use...