AI Score
Confidence
High
EPSS
Percentile
82.4%
infoRSS 1.1.4.2 and earlier extension for Firefox performs certain operations with chrome privileges, which allows remote attackers to execute arbitrary commands and perform cross-domain scripting attacks via the description tag of an RSS feed.
secunia.com/advisories/37467
www.vupen.com/english/advisories/2009/3323
addons.mozilla.org/en-US/firefox/addons/versions/361#version-1.2.0
exchange.xforce.ibmcloud.com/vulnerabilities/54370