3 matches found
SUSE CVE-2015-7187
The Add-on SDK in Mozilla Firefox before 42.0 misinterprets a "script: false" panel setting, which makes it easier for remote attackers to conduct cross-site scripting XSS attacks via inline JavaScript code that is executed within a third-party extension...
Mozilla Firefox Add-on SDK Cross-Site Scripting Vulnerability
Mozilla Firefox is an open source web browser. A cross-site scripting vulnerability exists in the Mozilla Firefox Add-on SDK due to a failure of the program to properly handle the 'script: false' panel setting, which allows remote attackers to conduct cross-site scripting attacks using inline...
UBUNTU-CVE-2015-7187
The Add-on SDK in Mozilla Firefox before 42.0 misinterprets a "script: false" panel setting, which makes it easier for remote attackers to conduct cross-site scripting XSS attacks via inline JavaScript code that is executed within a third-party extension...