Mozilla Foundation Security Advisory 2008-62
Title: Additional XSS attack vectors in feed preview
Announced: December 16, 2008
Fixed in: Firefox 220.127.116.11
Firefox 3 is not affected by this issue.