Description
Cross-site scripting (XSS) vulnerability in the FTP view feature in Mozilla 1.0 allows remote attackers to inject arbitrary web script or HTML via the title tag of an ftp URL.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Eiji James Yoshida · textremoteunix
https://www.exploit-db.com/exploits/21682
References (4)
Core 4
Core References
Exploit, Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/5403
Issue Tracking x_refsource_misc
http://bugzilla.mozilla.org/show_bug.cgi?id=154030
Third Party Advisory mailing-list
x_refsource_vulnwatch
http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0060.html
Third Party Advisory vdb-entry
x_refsource_xf
http://www.iss.net/security_center/static/9757.php
Scores
EPSS
0.0023
EPSS Percentile
45.5%
Details
CWE
CWE-79
Status
published
Products (2)
mozilla/mozilla
1.0 (3 CPE variants)
mozilla/mozilla
1.1 alpha
Published
Dec 31, 2002
Tracked Since
Feb 18, 2026