Mozilla Firefox CVE-2013-1709 Cross Site Scripting Vulnerability

description-logoDescription

Mozilla security researcher moz_bug_r_a4 reported that through an interaction of frames and browser history it was possible to make the browser believe attacker-supplied content came from the location of a previous page in browser history. This allows for cross-site scripting (XSS) attacks by loading scripts from a misrepresented malicious site through relative locations and the potential access of stored credentials of a spoofed site.

affected-products-logoAffected Applications

Firefox
Firefox ESR

CVE References

CVE-2013-1709