CVE-2007-1084
EPSS 0.60%Published: 2/23/2007Modified: 4/28/2026
Description
Mozilla Firefox 2.0.0.1 and earlier does not prompt users before saving bookmarklets, which allows remote attackers to bypass the same-domain policy by tricking a user into saving a bookmarklet with a data: scheme, which is executed in the context of the last visited web page.
Affected packages (1)
- Debian/epiphany-browserfrom 0