Mozilla Firefox CVE-2016-1941 Cross Site Scripting Vulnerability

description-logoDescription

Security researcher Jordi Chancel reported an issue on OS X where the delay between the download dialog getting focus and the button getting enabled was too short. If an attacker is able to induce the user to double-click in a specific location, they can then pass the second click through to the dialog below, leading to unintentional actions such as the running of downloaded software.

affected-products-logoAffected Applications

Firefox

CVE References

CVE-2016-1941