Privilege escalation using feed preview page and XSS flaw
- September 23, 2008
- Fixed in
- Firefox 18.104.22.168
Mozilla security researcher moz_bug_r_a4 reported a series of vulnerabilities in feedWriter which allow scripts from page content to run with chrome privileges.
Firefox 3 is not affected by this issue