Mozilla

Mozilla

Mozilla Foundation Security Advisory 2005-26

Cross-site scripting by dropping javascript: link on tab

Announced
February 24, 2005
Reporter
Michael Krax
Risk
Low
Impact
Critical
Products
Firefox, Mozilla Suite
Fixed in
  • Firefox 1.0.1
  • Mozilla Suite 1.7.6

Description

Dropping a javascript: or data: link on a tab executes in the context of the site already loaded in the tab. If an attacker could convince a user to drag and drop such a link on a particular tab this could be used to steal information or credentials associated with the site in that tab.

If the target tab contained privileged content, such as about:config, the dropped javascript link could run arbitrary code on the user's machine.

Workaround

Don't drag and drop opaque links. Disable Javascript.

References