Mozilla: >> Firefox >> 130.0 Security Vulnerabilities
Cross-site scripting (XSS) vulnerability in the (1) Sage before 1.3.10, and (2) Sage++ extensions for Firefox, allows remote attackers to inject arbitrary web script or HTML via a "<SCRIPT/=''SRC='" sequence in an RSS feed, a different vulnerability than CVE-2006-4712.
CVSS Score
4.3
EPSS Score
0.09
Published
2007-02-13
Netscape Navigator 7.0.2 and Mozilla allows remote attackers to access cookie information in a different domain via an HTTP request for a domain with an extra . (dot) at the end.
CVSS Score
5.0
EPSS Score
0.002
Published
2003-12-31
Page 20