CVE-2012-0474

N/A Unknown
Published: April 25, 2012 Modified: April 29, 2026
View on NVD

Description

Cross-site scripting (XSS) vulnerability in the docshell implementation in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to inject arbitrary web script or HTML via vectors related to short-circuited page loads, aka "Universal XSS (UXSS)."

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://secunia.com/advisories/48972
Source: cve@mitre.org
http://secunia.com/advisories/49047
Source: cve@mitre.org
http://secunia.com/advisories/49055
Source: cve@mitre.org
http://www.mandriva.com/security/advisories?name=MDVSA-2012:066
Source: cve@mitre.org
http://www.mandriva.com/security/advisories?name=MDVSA-2012:081
Source: cve@mitre.org
http://www.mozilla.org/security/announce/2012/mfsa2012-27.html
Source: cve@mitre.org
Vendor Advisory
http://www.securityfocus.com/bid/53228
Source: cve@mitre.org
https://bugzilla.mozilla.org/show_bug.cgi?id=687745
Source: cve@mitre.org
https://bugzilla.mozilla.org/show_bug.cgi?id=737307
Source: cve@mitre.org
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16107
Source: cve@mitre.org
http://secunia.com/advisories/48972
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/49047
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/49055
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.mandriva.com/security/advisories?name=MDVSA-2012:066
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.mandriva.com/security/advisories?name=MDVSA-2012:081
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.mozilla.org/security/announce/2012/mfsa2012-27.html
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.securityfocus.com/bid/53228
Source: af854a3a-2127-422b-91ae-364da2661108
https://bugzilla.mozilla.org/show_bug.cgi?id=687745
Source: af854a3a-2127-422b-91ae-364da2661108
https://bugzilla.mozilla.org/show_bug.cgi?id=737307
Source: af854a3a-2127-422b-91ae-364da2661108
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16107
Source: af854a3a-2127-422b-91ae-364da2661108

20 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
1.9%
77th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-79

Affected Vendors

mozilla

Related CVEs

CVE-2026-9677 N/A
CVE-2026-13245 6.1
CVE-2026-12404 5.3
CVE-2026-10820 N/A
CVE-2026-12415 9.8