Form Autocompletion Vulnerability in Mozilla Firefox and SeaMonkey
CVE-2011-0067 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, does not properly implement autocompletion for forms, which allows remote attackers to read form history entries via a Java applet that spoofs interaction with the autocomplete controls.
Learn more about our Web Application Penetration Testing UK.