4 matches found
Cross site scripting
Cross-site scripting XSS vulnerability in Mozilla Firefox 2.0, when UTF-7 document content is rendered directly in UTF-7, allows remote attackers to inject arbitrary web script or HTML via a gopher URI that uses '/' slash characters to delimit a literal string within an XSS sequence, a related...
CVE-2007-5414
Cross-site scripting XSS vulnerability in Mozilla Firefox before 2.0, when UTF-7 document content is rendered directly in UTF-7, allows remote attackers to inject arbitrary web script or HTML via a gopher URI that uses single quote characters to delimit a literal string within an XSS sequence, a...
CVE-2007-5415
Cross-site scripting XSS vulnerability in Mozilla Firefox 2.0, when UTF-7 document content is rendered directly in UTF-7, allows remote attackers to inject arbitrary web script or HTML via a gopher URI that uses '/' slash characters to delimit a literal string within an XSS sequence, a related...
CVE-2007-5414
CVE-2007-5414 describes a cross-site scripting (XSS) vulnerability in Mozilla Firefox prior to version 2.0. The issue arises when UTF-7 document content is rendered directly in UTF-7, allowing remote attackers to inject arbitrary script or HTML via a gopher URI that uses single quote characters t...