logo
DATABASE RESOURCES PRICING ABOUT US

Mozilla Foundation Security Advisory 2009-21

Description

Mozilla Foundation Security Advisory 2009-21 Title: POST data sent to wrong site when saving web page with embedded frame Impact: Low Announced: April 21, 2009 Reporter: Paolo Amadini Products: Firefox, SeaMonkey Fixed in: Firefox 3.0.9 SeaMonkey 1.1.17 Description Developer and Mozilla community member Paolo Amadini reported that when saving the inner frame of a web page as a file when the outer page has POST data associated with it, the POST data will be incorrectly sent to the URL of the inner frame. This could potentially result in a user's sensitive data being sent to a site for which it was not intended. References * https://bugzilla.mozilla.org/show_bug.cgi?id=471962 * CVE-2009-1311


Related