You are here: Known Vulnerabilities in Mozilla Products (Firefox 220.127.116.11) > MFSA 2008-22
Mozilla Foundation Security Advisory 2008-22
Announced: July 1, 2008
Products: Firefox, SeaMonkey
Fixed in: Firefox 3.0
Mozilla contributor moz_bug_r_a4 submitted a set of vulnerabilities which allow scripts from one document to be executed in the context of a different document. These vulnerabilities could be used by an attacker to violate the same-origin policy and perform an XSS attack against arbitrary sites, potentially stealing or manipulating the user's private information on the victim site.