CVE-2006-4568
Mozilla Firefox < 1.5.0.6 - XSS
Title source: ruleDescription
Mozilla Firefox before 1.5.0.7 and SeaMonkey before 1.0.5 allows remote attackers to bypass the security model and inject content into the sub-frame of another site via targetWindow.frames[n].document.open(), which facilitates spoofing and other attacks.
References (47)
... and 27 more
Scores
EPSS
0.0136
EPSS Percentile
80.0%
Classification
CWE
CWE-79
Status
draft
Affected Products (2)
mozilla/firefox
< 1.5.0.6
mozilla/seamonkey
< 1.0.4
Timeline
Published
Sep 15, 2006
Tracked Since
Feb 18, 2026