EIP-2026-103992

PRE-CVE

Mozilla Firefox - view-source:JavaScript url Code Execution

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-103992. PoCs published by mikx.

AI-analyzed exploit summary This is a functional proof-of-concept exploit for a Firefox vulnerability (CVE-2005-126966) that leverages the 'view-source' URI scheme and JavaScript privilege escalation to create and execute arbitrary files on Windows, Linux, and macOS systems. The exploit abuses the 'SHORTCUT ICON' link tag to trigger the payload.

Description

Mozilla Firefox - view-source:JavaScript url Code Execution

Exploits (1)

exploitdb WORKING POC VERIFIED

by mikx · htmlremotemultiple

https://www.exploit-db.com/exploits/1007

View Code ZIP pw:eip

This is a functional proof-of-concept exploit for a Firefox vulnerability (CVE-2005-126966) that leverages the 'view-source' URI scheme and JavaScript privilege escalation to create and execute arbitrary files on Windows, Linux, and macOS systems. The exploit abuses the 'SHORTCUT ICON' link tag to trigger the payload.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Mozilla Firefox (versions prior to the fix for this vulnerability)

No auth needed

Prerequisites: Victim must visit the malicious webpage using a vulnerable version of Firefox · JavaScript must be enabled in the browser

MITRE ATT&CK

T1189 - Drive-by Compromise T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026