Didier Ernotte » Inforss : Security Vulnerabilities, CVEs,
infoRSS 1.1.4.2 and earlier extension for Firefox performs certain operations with chrome privileges, which allows remote attackers to execute arbitrary commands and perform cross-domain scripting attacks via the description tag of an RSS feed.
Max CVSS
9.3
EPSS Score
0.86%
Published
2009-11-29
Updated
2017-08-17
1 vulnerabilities found