← back
CVE-2007-2060

CVE-2007-2060

EPSS 3.2%
Cross-zone scripting vulnerability in the Wizz RSS Reader before 2.1.9 extension to Mozilla Firefox allows remote attackers to execute arbitrary Javascript in the browser chrome via the RSS feed DOM.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://osvdb.org/34534https://addons.mozilla.org/en-US/firefox/addon/424http://secunia.com/advisories/24913https://exchange.xforce.ibmcloud.com/vulnerabilities/33693http://wizzrss.blat.co.za/2009/11/17/so-much-for-nsiscriptableunescapehtmlparsefragment/http://www.kb.cert.org/vuls/id/319464http://www.kb.cert.org/vuls/id/MIMG-6ZKP4Thttp://www.securityfocus.com/bid/23523http://www.vupen.com/english/advisories/2007/1425