CVE-2010-0170
CVSS v2.0
4.3 (Medium)
EPSS
0.27 % (68th)
Affected Products
1
Advisories
1
Mozilla Firefox 3.6 before 3.6.2 does not offer plugins the expected window.location protection mechanism, which might allow remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via vectors that are specific to each affected plugin.
Weaknesses
- CWE-79
- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Related CVEs
- CVE Status
- PUBLISHED
- CNA
- MITRE
- Published Date
-
2010-03-25 21:00:00
(14 years ago) - Updated Date
-
2017-09-19 01:30:15
(7 years ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...