CVE-2008-2800

CVE-2008-2800 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 allow remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via vectors involving (1) an event handler attached to an outer window, (2) a SCRIPT element in an unloaded document, or (3) the onreadystatechange handler in conjunction with an XMLHttpRequest.

Learn more about our Web Application Penetration Testing UK.