You are here: Security Center > Mozilla Foundation Security Advisories > MFSA 2011-08
Mozilla Foundation Security Advisory 2011-08
Title: ParanoidFragmentSink allows javascript: URLs in chrome documents
Impact: Moderate
Announced: March 1, 2011
Reporter: Roberto Suggi Liverani
Products: Firefox, Thunderbird, SeaMonkey
Fixed in: Firefox 3.6.14
Firefox 3.5.17
Thunderbird 3.1.8
SeaMonkey 2.0.12
Description
Mozilla security developer Roberto Suggi Liverani
reported that ParanoidFragmentSink
, a class used to
sanitize potentially unsafe HTML for display,
allows javascript:
URLs and other inline JavaScript when
the embedding document is a chrome document. While there are no
unsafe uses of this class in any released products, extension code
could have potentially used it in an unsafe manner.