CVE-2007-1084

Name of the Vulnerable Software and Affected Versions Mozilla Firefox versions 2.0.0.1 and earlier

Description The issue allows remote attackers to bypass the same-domain policy by tricking a user into saving a bookmarklet with a data: scheme. This bookmarklet is executed in the context of the last visited web page, potentially leading to unauthorized actions.

Recommendations For Mozilla Firefox versions 2.0.0.1 and earlier, consider disabling the ability to save bookmarklets until a patch is available. As a temporary workaround, users should be cautious when saving bookmarklets and avoid saving those with a data: scheme to minimize the risk of exploitation.