Mozilla · Firefox · CVE-2009-1311
**Name of the Vulnerable Software and Affected Versions**
Mozilla Firefox versions prior to 3.0.9
SeaMonkey versions prior to 1.1.17
**Description**
The issue allows user-assisted remote attackers to obtain sensitive information via a web page with an embedded frame. This occurs when the inner frame's URL receives POST data from an outer page during a SAVEMODE FILEONLY save of the inner frame.
**Recommendations**
For Mozilla Firefox versions prior to 3.0.9, update to version 3.0.9 or later to resolve the issue.
For SeaMonkey versions prior to 1.1.17, update to version 1.1.17 or later to resolve the issue.