Mozilla before 1.4.2 executes Javascript events in the context of a new page while it is being loaded, allowing it to interact with the previous page (zombie document) and enable cross-domain and cross-site scripting (XSS) attacks, as demonstrated using onmousemove events.
References
Configurations
Configuration 1 (hide)
|
Information
Published : 2004-03-14 21:00
Updated : 2017-10-09 18:30
NVD link : CVE-2004-0191
Mitre link : CVE-2004-0191
JSON object : View
CWE
Products Affected
mozilla
- mozilla