2 matches found
CVE-2012-1215
Cross-site scripting XSS vulnerability in the Add friends module in the Yoono extension before 7.7.8 for Firefox allows remote attackers to inject arbitrary web script or HTML via the create field in a "Create a group" action...
CVE-2012-1215
The CVE-2012-1215 entry describes a Cross-site scripting (XSS) vulnerability in the Add friends module of the Yoono Firefox extension, exploited via the create field in a "Create a group" action. The affected product is the Yoono extension for Firefox, with versions prior to 7.7.8. The underlying...