Information disclosure with *FromPoint on iframes
- February 4, 2014
- Jordan Milne
- Firefox, SeaMonkey
- Fixed in
  - Firefox 27
  - SeaMonkey 2.24
Security researcher Jordan Milne reported an information disclosure in which
the *FromPoint functions, such as document.elementFromPoint, could be used on a
cross-origin iframe to gain information on the iframe's DOM and other attributes
through a timing attack, violating same-origin policy.
In general, this flaw cannot be exploited through email in the SeaMonkey product because scripting is disabled in mail, but it is potentially a risk in browser or browser-like contexts.