Download Firefox

Firefox is no longer supported on Windows 8.1 and below.

Please download Firefox ESR (Extended Support Release) to use Firefox.

Firefox is no longer supported on macOS 10.14 and below.

Please download Firefox ESR (Extended Support Release) to use Firefox.

Firefox Privacy Notice

Mozilla Foundation Security Advisory 2009-21

POST data sent to wrong site when saving web page with embedded frame

Announced
April 21, 2009
Reporter
Paolo Amadini
Impact
Low
Products
Firefox, SeaMonkey
Fixed in
  • Firefox 3.0.9
  • SeaMonkey 1.1.17

Description

Developer and Mozilla community member Paolo Amadini reported that when saving the inner frame of a web page as a file when the outer page has POST data associated with it, the POST data will be incorrectly sent to the URL of the inner frame. This could potentially result in a user's sensitive data being sent to a site for which it was not intended.

References