Mozilla Foundation Security Advisory 2005-26

Cross-site scripting by dropping javascript: link on tab

Announced

February 24, 2005

Reporter

Michael Krax

Risk

Low

Impact

Critical

Products

Firefox, Mozilla Suite

Fixed in

Firefox 1.0.1
Mozilla Suite 1.7.6

Description

Dropping a javascript: or data: link on a tab executes in the context of the site already loaded in the tab. If an attacker could convince a user to drag and drop such a link on a particular tab this could be used to steal information or credentials associated with the site in that tab.

If the target tab contained privileged content, such as about:config, the dropped javascript link could run arbitrary code on the user's machine.

Workaround

Don't drag and drop opaque links. Disable Javascript.

References

http://www.mikx.de/firetabbing/
https://bugzilla.mozilla.org/show_bug.cgi?id=280056

Firefox for Desktop

Firefox for iOS

Firefox for Android

Firefox Focus

Firefox blog

Mozilla VPN

Mozilla Monitor

Firefox Relay

Pocket

MDN Plus

Fakespot

Thunderbird

About Mozilla

The Mozilla Manifesto

Get Involved

Innovation Projects

Blog

Mozilla Foundation

Mozilla.ai

Mozilla Ventures

Mozilla Advertising