Vulnerabilities

CVE-2015-7187

by Fred · 04/11/2015

The Add-on SDK in Mozilla Firefox before 42.0 misinterprets a "script: false" panel setting, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via inline JavaScript code that is executed within a third-party extension.

Date published : 2015-11-04

http://www.mozilla.org/security/announce/2015/mfsa2015-121.html

http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

Similar

Tags: Cybersecurity Alert