Wesj

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 18.0 on Android SeaMonkey versions prior to 2.15 **Description** The issue allows remote attackers to obtain sensitive information or possibly conduct cross-site scripting (XSS) attacks via a crafted HTML document, due to the failure to restrict a touch event to a single IFRAME element. **Recommendations** For Mozilla Firefox versions prior to 18.0 on Android, update to version 18.0 or later. For SeaMonkey versions prior to 2.15, update to version 2.15 or later.