Mozilla Foundation Security Advisory 2013-112
Title: Linux clipboard information disclosure
though selection paste
Announced: December 10, 2013
Reporter: Vincent Lefevre
Products: Firefox, Seamonkey
Fixed in: Firefox 26
Mozilla community member Vincent Lefevre reported that on Linux systems, web content can access data saved to the clipboard when a user attempts to paste a selection with a middle-click instead of pasting the selection content. This allows for possibly private data in the clipboard to be inadvertently disclosed to web content. Windows and OS X systems are not affected by this issue.
In general these flaws cannot be exploited through email in the Thunderbird and Seamonkey products because scripting is disabled, but are potentially a risk in browser or browser-like contexts.