CVE-2007-2060
CVE-2007-2060 affects the Wizz RSS Reader Firefox extension (pre-2.1.9). A cross-zone scripting flaw allows remote attackers to run arbitrary JavaScript in the browser chrome via the RSS feed DOM, enabling potential remote code execution in the user’s browser UI. The vulnerability is described ac...