Mozilla Firefox does not warn the user about HTTP elements on an HTTPS page when the HTTP elements are dynamically created by a delayed document.write, which allows remote attackers to supply unauthenticated content and conduct phishing attacks.
Get an AI-powered plain-language explanation of this vulnerability and remediation steps.
Login to generate AI explanation4 reference(s) from NVD