firefox is vulnerable to Cross-site Scripting (XSS). The vulnerability exists due to a lack of sanitization of HTML comment tags, resulting in an incongruity with other browsers allowing an attacker to inject maliciously crafted script into the system.