CVE-2007-2060

Published: Apr 18, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

Cross-zone scripting vulnerability in the Wizz RSS Reader before 2.1.9 extension to Mozilla Firefox allows remote attackers to execute arbitrary Javascript in the browser chrome via the RSS feed DOM.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

ADV-2007-1425

vdb-entry

x_refsource_VUPEN

23523

vdb-entry

x_refsource_BID

http://www.kb.cert.org/vuls/id/MIMG-6ZKP4T

x_refsource_CONFIRM

24913

third-party-advisory

x_refsource_SECUNIA

VU#319464

third-party-advisory

x_refsource_CERT-VN

34534

vdb-entry

x_refsource_OSVDB

https://addons.mozilla.org/en-US/firefox/addon/424

x_refsource_CONFIRM

firefox-wizz-rssfeed-xss(33693)

vdb-entry

x_refsource_XF

http://wizzrss.blat.co.za/2009/11/17/so-much-for-nsiscriptableunescapehtmlparsefragment/

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2007-2060

Description

Affected Products

References