Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value


Disclosure Date: February 01, 2012 (last updated October 04, 2023)
Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to bypass the HTML5 frame-navigation policy and replace arbitrary sub-frames by creating a form submission target with a sub-frame's name attribute.