Mozilla Foundation Security Advisory 2013-105
Application Installation doorhanger persists on navigation
- December 10, 2013
- Myk Melez
- Fixed in
- Firefox 26
Mozilla developer Myk Melez reported that with specifically timed page navigation, the doorhanger notification for Web App installation could persist from one site to another without being dismissed by the navigation. This could be used by a malicious site to trick a user into installing an application from one site while making it appear to come from another.