RSS   Vulnerabilities for 'SAGE'   RSS

2009-11-29
 
CVE-2009-4102

CWE-20
 

 
Sage 1.4.3 and earlier extension for Firefox performs certain operations with chrome privileges, which allows remote attackers to execute arbitrary commands and perform cross-domain scripting attacks via the description tag of an RSS feed.

 


Copyright 2024, cxsecurity.com

 

Back to Top