HTML5 Frame-Navigation Policy Bypass Vulnerability
CVE-2012-0445 · MEDIUM Severity
AV:N/AC:L/AU:N/C:N/I:P/A:N
Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to bypass the HTML5 frame-navigation policy and replace arbitrary sub-frames by creating a form submission target with a sub-frame's name attribute.
Learn more about our Web Application Penetration Testing UK.