CVE-2009-4100
Yoono extension before 6.1.1 for Firefox performs certain operations with chrome privileges, which allows user-assisted remote attackers to execute arbitrary commands and perform cross-domain scripting attacks via DOM event handlers such as onload.
Date published : 2009-11-28
http://www.securityfocus.com/bid/37123
https://addons.mozilla.org/en-US/firefox/addons/versions/1833#version-6.1.1