PT-2009-3842 · Mozilla+1 · Firefox+1

Prateek

·

Publicado

2009-04-22

·

Atualizado

2024-12-12

·

CVE-2009-1310

CVSS v2.0

4.3

Média

VetorAV:N/AC:M/Au:N/C:N/I:P/A:N
Name of the Vulnerable Software and Affected Versions Mozilla Firefox versions prior to 3.0.9
Description A cross-site scripting (XSS) issue exists, allowing user-assisted remote attackers to inject arbitrary web script or HTML via a javascript: URI in the SearchForm element.
Recommendations For versions prior to 3.0.9, update to version 3.0.9 or later to resolve the issue.

Exploit

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

CVE-2009-1310
DSA-1886-1
OPENSUSE-SU-2024:10071-1
OPENSUSE-SU-2024:14572-1
RHSA-2009:0436
RHSA-2009_0436

Produtos afetados

Firefox
Red Hat