Your submission was sent successfully! Close

CVE-2013-5612

Published: 11 December 2013

Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 makes it easier for remote attackers to inject arbitrary web script or HTML by leveraging a Same Origin Policy violation triggered by lack of a charset parameter in a Content-Type HTTP header.

Priority

Low

Status

Package Release Status
firefox
Launchpad, Ubuntu, Debian
lucid Ignored
(reached end-of-life)
precise
Released (26.0+build2-0ubuntu0.12.04.2)
quantal
Released (26.0+build2-0ubuntu0.12.10.2)
raring
Released (26.0+build2-0ubuntu0.13.04.2)
saucy
Released (26.0+build2-0ubuntu0.13.10.2)
upstream
Released (26.0)