Hong

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions 1.5.0.12 through 2.0.0.7 SeaMonkey versions prior to 1.1.5 **Description** The issue allows remote attackers to change field focus and copy keystrokes via the `for` attribute in a `label`, bypassing focus prevention. This can be demonstrated by changing focus from a `textarea` to a file upload field. **Recommendations** For Mozilla Firefox versions 1.5.0.12 through 2.0.0.7, update to version 2.0.0.8 or later. For SeaMonkey versions prior to 1.1.5, update to version 1.1.5 or later.