Firefox cross-domain text theft (CESA-2008-011)
Hi, Firefoxes 2.0.0.19 and 3.0.5 fix a cross-domain theft of textual data. The theft is via cross-domain information leaks in JavaScript error messages for scripts executed via script src="remotedomain.org". The JavaScript error messages are made available to the window.onerror handler. In some...