CVE-2007-2060

N/A Unknown

Published: April 18, 2007 Modified: April 23, 2026

Description

Cross-zone scripting vulnerability in the Wizz RSS Reader before 2.1.9 extension to Mozilla Firefox allows remote attackers to execute arbitrary Javascript in the browser chrome via the RSS feed DOM.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://osvdb.org/34534

Source: cve@mitre.org

http://secunia.com/advisories/24913

Source: cve@mitre.org

http://wizzrss.blat.co.za/2009/11/17/so-much-for-nsiscriptableunescapehtmlparsefragment/

Source: cve@mitre.org

http://www.kb.cert.org/vuls/id/319464

Source: cve@mitre.org

Patch US Government Resource

http://www.kb.cert.org/vuls/id/MIMG-6ZKP4T

Source: cve@mitre.org

http://www.securityfocus.com/bid/23523

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2007/1425

Source: cve@mitre.org

https://addons.mozilla.org/en-US/firefox/addon/424

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/33693

Source: cve@mitre.org

http://osvdb.org/34534