N/A
CVE-2008-5022
EN The nsXMLHttpRequest::NotifyEventListeners method in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to bypass the same-origin policy and execute arbitrary script via multiple listeners, which bypass the inner window check.
EPSS
13.4%
percentile 94.3%
Apps suivies affectées
Configurations CPE vulnérables
| Vendor | Produit | Plateforme | Versions | CPE 2.3 URI |
|---|---|---|---|---|
| mozilla | thunderbird | Windows | ≥2.0 <2.0.0.18 | cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:* |