Mozilla Firefox CVE-2013-1727 Cross Site Scripting Vulnerability
Description
Security researcher Takeshi Terada reported a mechanism to violate same-origin policy for local files using file:// through the use of symbolic links. This problem only affects web pages loaded from the local filesystem. This could allow for cross-site scripting (XSS) and access to locally stored Firefox files containing passwords and cookies.
Affected Applications
Firefox