Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An unspecified parser-utility class in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly handle EMBED elements within description elements in RSS feeds, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a feed.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
MMozilla Firefox 跨站脚本漏洞
Vulnerability Description
Mozilla Firefox是美国Mozilla基金会的一款开源Web浏览器。 Mozilla Firefox 中的未明parser-utility类中存在跨站脚本漏洞,该漏洞源于未正确处理RSS订阅中的描述元素中的EMBED元素。远程攻击者利用该漏洞通过订阅进行跨站脚本(XSS)攻击。以下产品和版本受到影响:Mozilla Firefox 4.x版本至13.0版本、Firefox ESR 10.0.6之前的10.x版本、Thunderbird 5.0版本至13.0版本、Thunderbird ESR
CVSS Information
N/A
Vulnerability Type
N/A