Mozilla Foundation Security Advisory 2011-14
Information stealing via form history
- April 28, 2011
- Paul Stone
- Firefox, SeaMonkey
- Fixed in
- Firefox 3.5.19
- Firefox 3.6.17
- SeaMonkey 2.0.14
Security researcher Paul Stone reported that a Java applet could be used to mimic interaction with form autocomplete controls and steal entries from the form history.
Firefox 4 was not affected by this issue.