Mozilla Firefox is an open source Web browser from the Mozilla Foundation, U.S. A cross-site scripting vulnerability exists in Mozilla Firefox, which stems from incorrect input validation when handling HTML comment tags. An attacker could use this vulnerability to launch a cross-site scripting attack.